Re: DHCP over IPSec

From: Steven L Umbach (n9rou_at_n0-spam-for-me-comcast.net)
Date: 10/27/04 

Date: Wed, 27 Oct 2004 19:20:55 GMT

You can't use ipsec to encrypt broadcast traffic like that used with dhcp -
only unicast traffic. The links below explains this more. --- Steve

http://www.securityfocus.com/infocus/1528
http://support.microsoft.com/default.aspx?scid=kb;en-us;811832

"Oseas Millan" <Oseas Millan@discussions.microsoft.com> wrote in message
news:BA7B8767-7026-45F1-A029-370CE1C6B9E4@microsoft.com...
>I need to implemente DHCP over IPSec for a Security Project, but the DHCP
> ports 67 and 68 are closed when I implement the policy. Please Helpme to
> resolve this problem

Relevant Pages

  • Re: assigning ip addresses on a secure way
    ... DHCP works off of broadcasts. ... has network access to a DHCP server can get an address as long as there are address ... allows you to filter mac addresses in a learn mode that can lock ports to the current ... Only W2K, XP Pro, and Windows 2003 are ipsec aware. ...
    (microsoft.public.security)
  • Re: Group policy to restrict who Recieves an IP from DHCP???
    ... DHCP is not a good security mechanism though you can use reservations that ... capable switches, compatible operating systems, PKI, and IAS server on the ... Ipsec may be something to look at. ... While you can use ipsec to protect domain computers, ...
    (microsoft.public.win2000.group_policy)
  • Re: assigning ip addresses on a secure way
    ... > superscope scenario to configure the DHCP to assign 10.3.ip s just to the ... >> allows you to filter mac addresses in a learn mode that can lock ports to ... >> configurations and can allow all computers internet access while not ... >> Within a domain ipsec by default will use kerberos authentication and any ...
    (microsoft.public.security)
  • Re: Firewalls and PCI
    ... DHCP all an attacker with zero knowledge of the network configuration ... a comment about IPSec: ...
    (Security-Basics)
  • Re: Malicious Software Removal Tool Errors Reported
    ... IPSec Services: IPSec Services failed to get the complete list of network ... IPSec policy agent changed: parameter PolicySource: parameter parameter ... Event Source: Dhcp ...
    (microsoft.public.windowsxp.general)