Re: IPSEC Policy to secure TS

From: Chris (firenet@optonline.net)
Date: 02/19/03


From: "Chris" <firenet@optonline.net>
Date: Wed, 19 Feb 2003 09:26:50 -0800


Thanks for responding!

The computers are not in the same network. This is for
computers accessing the TS from across the internet.

Chris

>-----Original Message-----
>Oops wrong KB. --- Steve
>
>http://support.microsoft.com/default.aspx?scid=kb;EN-
US;254949
>
>"Steven L Umbach" <n9rou@attbi.com> wrote in message
>news:Y_N4a.165146$iG3.19368@sccrnsc02...
>> Hi Chris. Are the computers in the same forest??
If not Kerberos
>> authentication will not work. If you are using a
secure server required
>> policy, try server request policy to see if that will
at least work and
>> troubleshoot from there using ipsecmon, ping, etc. Try
connecting to the
>> Terminal Server by tcp/ip address instead of name if
you have not tried
>that
>> yet. You may need to add a rule to your policy to
exempt ipsec traffic
>> to/from a domain controller per KB254728.. --- Steve
>>
>> http://support.microsoft.com/?kbid=254728
>>
>> "Chris" <firenet@optonline.net> wrote in message
>> news:093d01c2d7cc$2b976ec0$3301280a@phx.gbl...
>> > Hello,
>> > I created an IPSEC filter list to match Terminal
Service
>> > packet, created an IPSec Policy to enforce
protection and
>> > then I enabled the policy. I did all according to
the MS
>> > article 315055. But, now my Windows XP RDP client
can no
>> > longer connect to the Terminal Server on Port 3389.
Does
>> > anyone know what the problem could be? Many Thanks,
>> >
>> > Chris
>>
>>
>
>
>.
>



Relevant Pages

  • Re: IPSEC Policy to secure TS
    ... > Hi Chris. ... > policy, try server request policy to see if that will at least work and ... You may need to add a rule to your policy to exempt ipsec traffic ... >> longer connect to the Terminal Server on Port 3389. ...
    (microsoft.public.win2000.security)
  • RE: prevent execution of login-script?
    ... You could add a case to the beginning your logon script that detects the ... You could assign logon scripts via Group Policy, ... when they logon to specific computers, ... Microsoft MVP - Terminal Server ...
    (microsoft.public.windows.terminal_services)
  • RE: roaming profiles conflicts
    ... My suggestion is to get rid of the global setting in AD Users and Computers ... that defines where a user's TS profile is. ... policy is only getting applied to users who logon to the specific computers, ... When these same users attempt to login to a terminal server ...
    (microsoft.public.windows.terminal_services)
  • group policy For computer
    ... is there any way to apply policy in AD to member server and not to all the ... computers just to the MEMBER SERVER that working (Terminal Server)? ...
    (microsoft.public.win2000.group_policy)
  • Re: Reinstall everytime assigned applications through GPO on start
    ... Software installation extension has been called for background policy refresh ... Stations - R&D Software (EMEA computers). ... Stations - R&D Software (EMEA computers) is set for installation because it ... The assignment of application Remote Administrator v2.1 from policy Software ...
    (microsoft.public.windows.group_policy)