IPSec and clusters

From: Solomon (anonymous_at_discussions.microsoft.com)
Date: 08/24/04


Date: Tue, 24 Aug 2004 08:39:01 -0700

Hi All
        I have 2 Windows 2000 servers in a cluster, and
I'm using group polices to apply IPSec. I'm using IPSec
as a firewall to block subnet ranges and ports. I
currently have the servers open to my subnet and port 80
open for IIS.
        My problem is when ever I reboot a server in the
cluster, IPSec blocks port 80 but does not block my local
subnet. I then have to disable IPSec in group polices
run secedit on the local servers and then reapply IPSec
and rerun secedit on the local servers.

I'm aware that IPCes has problems when encrypting data on
a cluster, but I have not seen anything about using IPSec
as a firewall and having cluster problems.

Any help would be great.
-Solomon



Relevant Pages

  • Re: Wierd Network problem
    ... better than cpanel, ... physical ports. ... a computer on a different subnet off the same ... >> little further and compared the servers that are ...
    (freebsd-questions)
  • Re: symantec 200R help
    ... You can subnet class-A subnets into class-b or class-c if ... >c. can I use this appliance to connect to all 3 servers behind the firewall ... computer per port, meaning you cannot have two web servers running on ...
    (comp.security.firewalls)
  • Re: IPSec and clusters
    ... Here are the filter lists, IP address are all made up. ... >> as a firewall to block subnet ranges and ports. ... >> currently have the servers open to my subnet and port ... >> run secedit on the local servers and then reapply IPSec ...
    (microsoft.public.win2000.security)
  • Wierd Network problem
    ... and on the local router, ... have two other freebsd 6.1 servers on that same subnet ... tried to access any other port, ...
    (freebsd-questions)
  • RE: Port 500??
    ... Subject: Port 500?? ... My servers are set to ask for IPSEC on any connections, ... When My DNS server ...
    (Security-Basics)