Questions about using IPsec across domains



Hello,

I have a small network of W2K3 servers and XP clients. We're
physically separated from the main office and we need the local domain
to see the remote domain.

The folks on the other end put all their traffic into IPsec. I'm new
to some of this but apparently what they are doing is all traffic is
eventually port 88. And vulnerable ports, such as 139 for example,
make it through the firewall because even though it's port 139
traffic, it appears as port 88.

The reason for the cross domain connection is there is a service on
our end, which is going to reach out to one of the other domain's
servers, and move files from a folder on their server to a folder on
one of our hosts. Yes, there are probably other ways to do this, like
FTP for example, but it is what it is... For a number of reasons which
are way beyond the scope of this post we are constrained by what we
already have.

When discussing how to connect the domains, the distant end asked me
if we are using any Windows XP clients. We replied yes as the service
to move the files from the distant folder to the local folder resides
on one of the XP clients. The distant end then told me I'd have to
move the service to one of the W2K3 boxes as the IPsec on Windows XP
cannot handle what we are asking for.

The conversation for the moment kinda died there. My questions to the
forum are: what is different in Windows XP from 2000, Server, or
Vista? Is there a way around this limitation? I've seen articles
about modifying NoDefaultExempt in
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPSEC. Or does
that fix even apply for what I'm talking about?

Any insight, suggestions, or tech data is greatly appreciated.

Thanks!