Re: Keeping a particular intruder out



"Roger Abell [MVP]" <mvpNoSpam@xxxxxxx> wrote in news:uwo7hjtlGHA.1240
@TK2MSFTNGP05.phx.gbl:

From where are you getting the IP? The IIS logs?

Yes

IPsec uses the IP as actually in use, where as the IP logged in
the IIS logs seems to be from the http headers. I have run into
this before when trying to subvert pests with IPsec barring rules
when apparently the originating machine is behind a NAT so
that there is an outer IP in actual use by the network stack
that you much determine in order to block with IPsec.

So it seems.

Thanks for replying...

I can always fall back on to plan 'B' (which is a home-grown ISAPI filter
on the 'mod_rewrite' principle) so it's not the end of the world, but can
IPSEC (or any other IIS feature) be persuaded to part with the 'true' IP
information I want?

(2003 + SP1, if that is relevant)
.