Re: any logging when ipsec blocks a port? how to determine which ports need to be opened?

From: Steven L Umbach (n9rou_at_n0-spam-for-me-comcast.net)
Date: 08/05/04


Date: Thu, 05 Aug 2004 18:27:24 GMT

Not really. The link below is a KB article about troubleshooting ipsec but mostly
relates to negotiation failures.

http://support.microsoft.com/default.aspx?scid=kb;en-us;257225

Your best bet would be to use a packet sniffer like Ethereal to see what packets are
not getting responses from what computers and on what ports. The link below may be of
help on what ports are necessary for network functioning in an NT4.0 domain.
--- Steve

http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B179442

Windows NT
      Client Port(s)    Server Port   Service
      1024-65535/TCP    135/TCP       RPC *
      137/UDP           137/UDP       NetBIOS Name
      138/UDP           138/UDP       NetBIOS Netlogon and Browsing
      1024-65535/TCP    139/TCP       NetBIOS Session
      1024-65535/TCP    42/TCP        WINS Replication

"Les Caudle" <very@tiredofspam.com> wrote in message
news:i5p4h0phaa5gbkindav51skdb8m2m7vmvd@4ax.com...
> I'd like to be able to lock down some office machines - so that the users can
> share files, browse out thru proxy server, log onto the NT4 PDC domain - but
> pretty much lock down everything else. (is there an faq on this?)
>
> As ports are blocked by ipsec during configuration, some necessary ports may get
> blocked. Is there a way to tell which ports were trying to get in and out (and
> were blocked) so that ipsec could be tweaked a bit?
> --
> Thanks in advance, Les Caudle
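
Added example (not part of the original posts): one way to act on the sniffer suggestion above is to reduce a capture to the requests that never received a reply and label them with the services from the quoted KB table. The record format, the addresses and the function name `unanswered` are assumptions made for this sketch; the input is a simplified summary, not a real Ethereal export.

```python
import csv
import io

# Server ports from the KB 179442 table quoted in the post above.
NT4_SERVICES = {
    ("tcp", 135): "RPC",
    ("udp", 137): "NetBIOS Name",
    ("udp", 138): "NetBIOS Netlogon and Browsing",
    ("tcp", 139): "NetBIOS Session",
    ("tcp", 42): "WINS Replication",
}

# Constructed sample data in a hypothetical summary format.
# Columns: time, proto, src, sport, dst, dport, tcp_flags
SAMPLE = """\
0.001,tcp,10.0.0.5,1045,10.0.0.1,139,S
0.002,tcp,10.0.0.1,139,10.0.0.5,1045,SA
0.010,tcp,10.0.0.5,1046,10.0.0.1,135,S
3.010,tcp,10.0.0.5,1046,10.0.0.1,135,S
0.020,udp,10.0.0.5,137,10.0.0.1,137,
0.021,udp,10.0.0.1,137,10.0.0.5,137,
0.030,udp,10.0.0.5,138,10.0.0.1,138,
0.040,tcp,10.0.0.5,1047,10.0.0.9,445,S
"""

def unanswered(summary):
    """Return sorted (proto, server, port, service) for requests with no reply."""
    asked, answered = set(), set()
    for row in csv.reader(io.StringIO(summary)):
        if not row:
            continue
        _t, proto, src, sport, dst, dport, flags = row
        sport, dport = int(sport), int(dport)
        flow = (proto, src, sport, dst, dport)
        reverse = (proto, dst, dport, src, sport)
        if reverse in asked:
            # Any packet coming back (SYN-ACK, RST, UDP reply) means the
            # request was not silently dropped on the way.
            answered.add(reverse)
        elif proto == "udp" or flags == "S":
            # A bare SYN or a UDP datagram opens a new request to track.
            asked.add(flow)
    return sorted({(p, d, dp, NT4_SERVICES.get((p, dp), "not in KB table"))
                   for (p, _s, _sp, d, dp) in asked - answered})

if __name__ == "__main__":
    for proto, server, port, service in unanswered(SAMPLE):
        print(f"no reply: {server} {port}/{proto.upper()} ({service})")
```

Ports that show up here and are needed for domain logon or file sharing are the candidates for a permit rule. Broadcast datagrams normally get no direct reply, so UDP entries need a second look before being treated as blocked.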


