Re: IPSec Security

So any machine on the 172 side should be able to browse+copy to/from
machines on the 192 side, and no machine on the 192 side should be able
to do so; and, there are W2k and XP on both sides ??

Did you try, for machines on the 172 side
block non-mirrored from any address to my address (for 13*+445 of relevant
protocols)
allow mirrored from my address to any address (for same ports/protocols)
?

Also, set permissons on the shares of machines on 172 side so no account
on 192 side could be granted access, and adjust the Hidden and Announce
reg keys so that they do not advertise their presence.


<bucrepus> wrote in message news:eF0vUsbIGHA.2928@xxxxxxxxxxxxxxxxxxxxxxx
>I have W2000 boxes on each side also..
>
> "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx> wrote in message
> news:%23WuI7xZIGHA.516@xxxxxxxxxxxxxxxxxxxxxxx
>> One simple solution is to turn on the XP SP2 firewall on machine XP1 and
>> do not allow exceptions.
>>
>> <bucrepus> wrote in message news:OvpnONSIGHA.2696@xxxxxxxxxxxxxxxxxxxxxxx
>>> For the sake of simplicity, I have 2 xp stations and 1 win2003 server as
>>> router with 2 NICS. (actually have numerous machines on each side
>>> subnet)
>>> XP station1 on 172.18.6.100 and XP 2 on 192.168.0.100. One server nic
>>> 172.18.6.1 and the other 192.168.0.1. I want to be able to copy / browse
>>> files from XP1 to XP2, but NOT allow XP2 to browse / see any machines on
>>> XP1's side. I have tried using IPSec to block the SMB 13x ports and 445,
>>> but
>>> cant seem to get the right combo. Any ideas? in other words, I dont want
>>> anyone on XP2 to be able to go to the run box and type \\XP1 or
>>> \\172.18.6.100 and get a browse window or share list. (One way copy /
>>> list)
>>> Thanks
>>> Bucrepus
>>>
>>>
>>>
>>
>>
>
>


.

Relevant Pages

  • Re: Cleaning up Duplicate GUIDS
    ... Create a collection of machines with duplicate guids. ... Advertise newuid.exe /s /allocate to the collection. ... > I need a script to either run it from a package on a server or copy it ...
    (microsoft.public.sms.admin)
  • Re: Import from EXcel to Access
    ... facility with 40 or so buildings? ... Note the reg keys are hkey_local_machine. ... If all the users have admin ... admins have the machines locked down there's not much you can do. ...
    (microsoft.public.access.externaldata)
  • Re: Equal Pay and the Unfairer Sex!
    ... because I farted in her presence. ... men make the machines that ... run industry then women come along and stop production because somebody ...
    (soc.men)
  • Equal Pay and the Unfairer Sex!
    ... A woman at work waged a psychological campaign against me for a day ... because I farted in her presence. ... men make the machines that ... What pathetic, petty, vindictive and selfish things they are. ...
    (soc.men)
  • Re: Equal Pay and the Unfairer Sex!
    ... because I farted in her presence. ... men make the machines that ... run industry then women come along and stop production because somebody ...
    (soc.men)