IPSec questions

From: Chris Hall (someone_at_microsoft.com)
Date: 10/20/05

    Date: Thu, 20 Oct 2005 14:06:11 -0400
    
    

    Greetings,

    I realize this isn't a 'Certification' forum, but would like the
    thoughts/expertise of those in the Real World.

    I'm preparing for 70-214 and have some questions on IPSec and its use in a
    network. IPSec runs in two modes, tunnel and transport. Can someone give me
    examples of when and why to use each? It seems to me that tunnel mode would
    be best served if using it to connect to servers like two Exchange servers
    or an IIS to SQL server, where the endpoint was just that... the endpoint!

    Thanks in advance!
    Chris

    PS Now that I think about it, we run a lot of telnet traffic (read: clear
    text). Perhaps this would be a good implementation, as this application runs
    across our entire LAN/WAN infrastructure.

