Re: Restrict Tcp/IP connetions

From: Steven L Umbach (sumbach_at_nospam-ameritech.net)
Date: 01/29/04

• Next message: Steven L Umbach: "Re: password"
• Previous message: Steven L Umbach: "Re: folder permisions"
• In reply to: Per: "Re: Restrict Tcp/IP connetions"
• Next in thread: Per: "Re: Restrict Tcp/IP connetions"
• Reply: Per: "Re: Restrict Tcp/IP connetions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 29 Jan 2004 15:18:16 GMT

You want to create an ipsec filtering policy. You will first want to create
a mirrored "block all" ip rule, then an mirrored rule that will permit all
ip traffic to the server based on it's ip address. Ipsec rules are different
that firewall rules in that their ordering does not matter, but a specific
rule will override a general rule. See the link below for details on ipsec
configuration. A personal firewall is also another option which could also
control traffic based on application if need be and provide logging. ---
Steve

http://www.microsoft.com/windows2000/techinfo/planning/security/ipsecsteps.asp
http://www.webattack.com/Freeware/security/fwfirewall.shtml

"Per" <anonymous@discussions.microsoft.com> wrote in message
news:609501c3e662$20cbda80$a301280a@phx.gbl...
> And then?? I don't understand what i should do then?
>
> Per
>
> >-----Original Message-----
> >Check the gpedit.msc
> >Run it from the start -> Run -> gpedit.msc
> >Then open the Computer Configuration -> Windows Settings -
> > Security
> >Settings -> IP Secrity Policies on local machine.
> >
> >Shai
> >
> >"Per" <anonymous@discussions.microsoft.com> wrote in
> message
> >news:60f901c3e652$ab8fca60$a101280a@phx.gbl...
> >> Hello!
> >>
> >> I wonder if there is a way to restrict Tcp/IP connetions
> >> to a Windows 2000 prof. I want that the W2K Prof only
> can
> >> accept connetions from one server and that the W2K Prof
> >> only can access that server and nothing else on the
> >> network.
> >>
> >> Hope that some one can help me.
> >>
> >> Thanks
> >>
> >
> >
> >.
> >

• Next message: Steven L Umbach: "Re: password"
• Previous message: Steven L Umbach: "Re: folder permisions"
• In reply to: Per: "Re: Restrict Tcp/IP connetions"
• Next in thread: Per: "Re: Restrict Tcp/IP connetions"
• Reply: Per: "Re: Restrict Tcp/IP connetions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Restrict Tcp/IP connetions ... >You want to create an ipsec filtering policy. ... that will permit all ... >ip traffic to the server based on it's ip address. ... >that firewall rules in that their ordering does not ... (microsoft.public.win2000.security) Re: Set up IPsec... ... Set up a mirrored rule that first blocks all inbound traffic on just the ... Then add another mirrored rule to the policy that permits inbound ... traffic on the specified port from just the IP addresses you specify. ... See the link below for an example of setting up ipsec ... (microsoft.public.win2000.security) Re: Internet Access. ... I am not that familiar with creating IPSec ... What is the syntax for a mirrored rule? ... Our website it a fixed IP ... (microsoft.public.security) Re: IPSec Policy Doesnt Really Block ... basic filters to allow port 80 and port 25 inbound from Any to My IP, ... >I have created ipsec policies that work. ... The I add mirrored permit rules for the exceptions such ... >> Here is a list of IPSECPOL.exe commands I am using to create the policy. ... (microsoft.public.win2000.networking) Re: IPSec Policy Doesnt Really Block ... basic filters to allow port 80 and port 25 inbound from Any to My IP, ... >I have created ipsec policies that work. ... The I add mirrored permit rules for the exceptions such ... >> Here is a list of IPSECPOL.exe commands I am using to create the policy. ... (microsoft.public.win2000.security)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint