IPSec & Kerberos

From: myrt webb (anonymous_at_discussions.microsoft.com)
Date: 09/27/04 

Date: Sun, 26 Sep 2004 19:15:22 -0700

I do not understand the relationship between Kerberos and
IPSec when encypting communications in a domain.

If you turn on Secure Server on a server all commo is
IPSec encrypted in the domain from that server without
the use of a Certificate Authority. According to what I
have read Kerberos takes care of the key exchange so the
SA can be established. Does Kerberos construct a
certificate or is some other method used.

Relevant Pages

  • Re: Should I install Certificate Authority to solve these problems ?
    ... team was planning to implement IPSec in our Win2003 domain. ... arguing that somebody can "spoof the system and a rogue server could pretend ... >> Management is pushing to get Certificate Authority ... > You have told them that this requires a minimum of two machines ...
    (microsoft.public.win2000.security)
  • RE: Alternatives to Kerberos
    ... PGPvpn will work on Windows systems and is compatible with 2000 VPN ... Kerberos on Windows will work across the board only if the Windows box ... but not recognise a kerberos unix server. ... IPSec builtin solution. ...
    (Security-Basics)
  • Re: Cannot telnet some ports
    ... Some with remote administration feature I believe. ... POP3 Server 110 ... # Network services, Internet style ... kerberos 750/udp kdc # Kerberos udp ...
    (microsoft.public.windows.server.general)
  • Re: SBS Server keeps shutting down
    ... as we have had a few power cuts recently and the server kept chugging along. ... I have no idea what IPSec is ... multiple reboot mentioned above and some other troubleshooting steps ...
    (microsoft.public.windows.server.sbs)
  • Re: Cannot telnet some ports
    ... Some with remote administration feature I believe. ... >> From a Windows 2003 Server SP2 ... >> fromn the 2k3 serrver but can telnet into any other port. ... kerberos 750/udp kdc # Kerberos udp ...
    (microsoft.public.windows.server.general)