Re: IPSec & Kerberos
From: Steven L Umbach (n9rou_at_N0sPaM-comcast.net)
Date: 09/27/04
- Next message: Halim: "Windows 2000 server slowing down when number reset connection gets high"
- Previous message: Steven L Umbach: "Re: Can't find list of servers for a workgroup"
- In reply to: myrt webb: "IPSec & Kerberos"
- Next in thread: Steven L Umbach: "Re: IPSec & Kerberos"
- Reply: Steven L Umbach: "Re: IPSec & Kerberos"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 27 Sep 2004 03:07:18 GMT
There are three authentication methods for ipsec - kerberos [default ],
certificate, or preshared key. They are all forms of authentication. A
certificate is not required for authentication. Key use is not exclusive to
a key exchange. It is however the most secure method of authentication of
authentication outside of a domain for ipsec. In the initial authentication
a computers public key is used to encrypt the keys in the challenge sent to
the other computer when a certificate is used. If preshared keys are used
then the challenge is encrypted with a hash created from the pre shared
ey. --- Steve
"myrt webb" <anonymous@discussions.microsoft.com> wrote in message
news:274601c4a437$d7d3e040$a301280a@phx.gbl...
> I do not understand the relationship between Kerberos and
> IPSec when encypting communications in a domain.
>
> If you turn on Secure Server on a server all commo is
> IPSec encrypted in the domain from that server without
> the use of a Certificate Authority. According to what I
> have read Kerberos takes care of the key exchange so the
> SA can be established. Does Kerberos construct a
> certificate or is some other method used.
- Next message: Halim: "Windows 2000 server slowing down when number reset connection gets high"
- Previous message: Steven L Umbach: "Re: Can't find list of servers for a workgroup"
- In reply to: myrt webb: "IPSec & Kerberos"
- Next in thread: Steven L Umbach: "Re: IPSec & Kerberos"
- Reply: Steven L Umbach: "Re: IPSec & Kerberos"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
