IPsec policy, Win2000 Pro

From: Mark Berkowicz (mdberk3@comcast.net)
Date: 05/24/02

• Next message: Gregory Suvalian: "How AD handles password changes"
• Previous message: Laura A. Robinson: "Re: Y2K hosting server"
• Next in thread: x y: "Re: IPsec policy, Win2000 Pro"
• Reply: x y: "Re: IPsec policy, Win2000 Pro"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "Mark Berkowicz" <mdberk3@comcast.net>
Date: Thu, 23 May 2002 18:51:17 -0700

Hello,

I recently purchased a Linksys VPN router that supports
IPsec tunnels. I enabled the tunnel and created a key on
the router but I am having trouble understanding the
configuration on the remote end.

Our network does not have a Win2000 Server providing VPN.
The Linksys router claims to be able to provide full IPsec
VPN support.

My questions and confusion are as follows:

How does an IPsec policy work on the Win2k Pro machine?
I'm familiar with connecting to a VPN server via dialup
networking's VPN adapter. This created an icon on my
desktop that is used to connect to the VPN. Does an IPsec
tunnel work the same way?

When attempting to configure the policy on the remote
Win2000 users machine, it asks for the IP address of the
laptop. This remote user in question dials up to the
Internet and gets a different IP each time. Do I need to
go into the policy each time after connecting to the ISP
to change the IP address in the policy?

On the router, I have configured it to accept conection
from all IPs and all Gateways. This part makes sense.
However the part about the key is confusing. If I enter a
alpha numeric key, I'm also presented with a Hexadecimal
representation of the key. Do I enter the hex
representation in the policy on the remote users laptop or
do I use the alpha numeric representation?
Example: I enter the aplha numeric key of 123
The Linksys VPN router translates that to 7B.
Do I put 7B in the remote users policy or 123?

Thanks for any help you can provide.

-mark

---

• Next message: Gregory Suvalian: "How AD handles password changes"
• Previous message: Laura A. Robinson: "Re: Y2K hosting server"
• Next in thread: x y: "Re: IPsec policy, Win2000 Pro"
• Reply: x y: "Re: IPsec policy, Win2000 Pro"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: VPN Connection between Windows 2003 server and a VPN router ... The MS IPsec implementation only supports "static" IP's. ... can't store DNS or WINS names in policy and get automatic name resolution. ... You'll have to reserve a static IP for your VPN server. ... (microsoft.public.windows.server.networking) VPN Through Firewall To Office ... If I put myself with no local firewall, I get through just fine on VPN ... Chain FORWARD (policy ACCEPT) ... I think I heard that ipsec uses port 500. ... (comp.os.linux.security) Re: VPN/IPseec ... What's the policy you are trying to implement? ... > from a VPN client to the VPN server over IPSec but I can't control the IPsec ... (microsoft.public.win2000.security) RE: Sandboxing ... the 3Com Embedded Firewall would be extremely useful and enabling (in ... your case) when you look at it in a VPN context. ... This security policy will accomplish quite a few things: ... During the Policy Server installation, ... (Focus-IDS) Re: Remote Desktop thru VPN and Network Security ... You can use Remote Access Policies to configure exactly what users can ... access via their VPN connection. ... If you create a policy you can then edit ... infection if users are copying files back and forth between computers. ... (microsoft.public.windows.terminal_services)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(14)