Re: IPSec filtering vs. VPN
From: Jeffrey Randow (MVP) (jeffreyr-support_at_remotenetworktechnology.com)
Date: 06/17/04
- Next message: Jeffrey Randow (MVP): "Re: Filling in the blanks:"
- Previous message: THEG8TESS: "browser and driver trouble"
- In reply to: Michael A. Covington: "IPSec filtering vs. VPN"
- Next in thread: Michael A. Covington: "Re: IPSec filtering vs. VPN"
- Reply: Michael A. Covington: "Re: IPSec filtering vs. VPN"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 16 Jun 2004 21:18:53 -0500
That's a good question... Does it work if you allow Protocol 47 from
any IP address to any IP address? I think the problem is in that
one...
Also, what type of error are you getting?
Jeffrey Randow (Windows Networking & Smart Display MVP)
jeffreyr-support@remotenetworktechnology.com
Please post all responses to the newsgroups for the benefit
of all USENET users. Messages sent via email may or may not
be answered depending on time availability....
Remote Networking Technology Support Site -
http://www.remotenetworktechnology.com
Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone
On Wed, 16 Jun 2004 18:17:03 -0400, "Michael A. Covington"
<look@www.ai.uga.edu.for.information> wrote:
>Greetings,
>
>I am using Microsoft IP Security Policy (on a Windows 2003 server) to drop
>unwanted TCP packets like a firewall, as described here:
>
>http://www.microsoft.com/technet/itsolutions/network/security/ipsecld.mspx
>
>My problem is that one of my servers is hosting a VPN (through RRAS), and no
>matter what I do, I can't find a setting (other than "allow everything")
>that makes the VPN usable.
>
>I tried the following filter set:
>
>Port 1723 protocol TCP from any IP address to my IP address
>Port ANY protocol 47 from any IP address to my IP address
>Filter action: Permit
>
>That didn't work. Nor did using UDP port 47 in place of any port protocol
>47.
>
>What are the correct settings? My server hosts the VPN by means of 2
>network cards; am I maybe applying the settings to the wrong card?
>
>The settings applied to all the other port numbers (to permit HTTP, FTP,
>etc., and block other things) are working as advertised.
>
>Many thanks!
>
>
>
- Next message: Jeffrey Randow (MVP): "Re: Filling in the blanks:"
- Previous message: THEG8TESS: "browser and driver trouble"
- In reply to: Michael A. Covington: "IPSec filtering vs. VPN"
- Next in thread: Michael A. Covington: "Re: IPSec filtering vs. VPN"
- Reply: Michael A. Covington: "Re: IPSec filtering vs. VPN"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
