Re: IPSEC Filter
From: Toni Lassila (mpao@mc-europe.com)
Date: 12/31/02
- Next message: Tyler Li [MS]: "Re: Stand Alone CA Problem"
- Previous message: Server: "Re: Win2K login problem"
- In reply to: Robin Twiggs: "IPSEC Filter"
- Next in thread: Karl Levinson [x y] mvp: "Re: IPSEC Filter"
- Reply: Karl Levinson [x y] mvp: "Re: IPSEC Filter"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: mpao@mc-europe.com (Toni Lassila) Date: 30 Dec 2002 23:18:48 -0800
"Robin Twiggs" <rstwiggs@lantic.net> wrote in message news:<u1vNa0HsCHA.1656@TK2MSFTNGP09>...
> I am trying to apply an IPSEC filter to limit incoming FTP to a specific IP
> Subnet.
> The incoming IP is dynamic and can be anything between 203.45.170.0 and
> 203.45.240.255
>
> When I try to enter the filter as
> IP 203.45.0.0
> Subnet 255.255.0.0
> I get a message that this setting is invalid.
IP address space from 192 up was originally reserved for Class C type
networks, i.e. /24. That means you can only have a netmask of
255.255.255.0 and need to have 71 different entries for each Class C
network you want to cover in this case.
Apparently someone at MS hasn't heard of CIDR, so you're SOL. This looks
like it should be fixed in a SP.
> Am I missing something here?
No, but Windows definitely is.
- Next message: Tyler Li [MS]: "Re: Stand Alone CA Problem"
- Previous message: Server: "Re: Win2K login problem"
- In reply to: Robin Twiggs: "IPSEC Filter"
- Next in thread: Karl Levinson [x y] mvp: "Re: IPSEC Filter"
- Reply: Karl Levinson [x y] mvp: "Re: IPSEC Filter"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
