RE: Setting up IPSEC with servers in and out of a domain
- From: "Serge Vondandamo" <serge.vondandamo@xxxxxxxxxx>
- Date: Tue, 20 Nov 2007 06:32:19 +0100
Marty,
That is doable.
The conditions are that you will have to open the IPSEC ports on FWs on both
side of the communication channel.
IKE on UDP 500, IP 50 or IP 51 depending on either you are using AH or ESP
on the FWs at each side of the communication link.
If both servers are behind NAT devices the only ports you'll need will be
UDP 500 (IKE, ISAKMP) and UDP 4500 for NAT Traversal.
Be aware that Cisco IPSEC implementation will require an additional port to
be open; I think it is TCP 10000.
Cheers,
Serge Vondandamo, HND, CCNA, CISSP
-----Message d'origine-----
De : listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] De
la part de Marty
Envoyé : lundi 19 novembre 2007 19:11
À : focus-ms@xxxxxxxxxxxxxxxxx
Objet : Setting up IPSEC with servers in and out of a domain
Greetings list,
Has anyone had success with using IPSEC to encrypt traffic between a
server in a domain and a server not in a domain? If not, are there
any third party solutions out there that can do this?
Thanks in advance,
Marty
- References:
- Prev by Date: RE: Setting up IPSEC with servers in and out of a domain
- Next by Date: SecurityFocus Microsoft Newsletter #369
- Previous by thread: RE: Setting up IPSEC with servers in and out of a domain
- Next by thread: SecurityFocus Microsoft Newsletter #369
- Index(es):
Relevant Pages
|
