Re: IPSEC changes in Service Pack 2

From: Mark Swift [MSFT] (mswif_at_online.microsoft.com)
Date: 08/24/04

• Next message: Mark Swift [MSFT]: "Re: Windows XP IPSec client with 3rd party CSP"
• Previous message: Cari \(MS MVP\): "Re: SP2 update causes no boot."
• In reply to: Christopher Black [MSFT]: "Re: IPSEC changes in Service Pack 2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 24 Aug 2004 14:40:52 -0700

IPsec in XPSP2 now automatically opens up holes in the Windows Firewall if
there is policy assigned. It also closes them if policy is then unassigned.

-- 
Mark Swift
Software Test Engineer
IP Security
Windows Networking
Microsoft
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at 
http://www.microsoft.com/info/cpyright.htm
-- 
"Christopher Black [MSFT]" <christb-nospam@microsoft.com> wrote in message 
news:%232EUBUAfEHA.904@TK2MSFTNGP09.phx.gbl...
> IPsec requires that inbound traffic be allowed to UPD-500 (and UDP-4500). 
> The default state of the Windows firewall (that is now on by default) will 
> block the inbound UDP500/4500 traffic. You should add a rule to allow 
> inbound traffic on these ports.
>
> "Jones" <anonymous@discussions.microsoft.com> wrote in message 
> news:161a01c47bbe$a5275ec0$a401280a@phx.gbl...
>> We use  a small utility from a company called ReefEdge
>> that authenticates users and allows access to our wireless
>> network.  It is called the MDU or Mobile Domain Utility
>> client.  Basically, using IPSEC it authenticates a user's
>> domain login and allows a user to use the wireless
>> network.  After installing Windows XP Service Pack 2, it
>> no longer works.  Uninstalling SP2 fixes the issue.  So
>> what is changed with IPSec in SP 2 that may be causing
>> this problem?
>>
>> Any ideas....?
>>
>> -Jones
>
> 

• Next message: Mark Swift [MSFT]: "Re: Windows XP IPSec client with 3rd party CSP"
• Previous message: Cari \(MS MVP\): "Re: SP2 update causes no boot."
• In reply to: Christopher Black [MSFT]: "Re: IPSEC changes in Service Pack 2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: ipsec between 2 XP machine doesnt work ... Possibly you don't have compatible settings for quick mode which is where ... Ipsec will not work without configuring the ... Windows Firewall ipsec exemption. ... (microsoft.public.windowsxp.security_admin) Re: IPSEC ... Except that there is no Windows Firewall in Windows 2000. ... > More specific filter actions will win.... ... Ipsec is a good way to learn how to setup basic ... >> allow any traffic in with a source port of 80 TCP. ... (microsoft.public.win2000.general) Re: IPSEC ... Except that there is no Windows Firewall in Windows 2000. ... > More specific filter actions will win.... ... Ipsec is a good way to learn how to setup basic ... >> allow any traffic in with a source port of 80 TCP. ... (microsoft.public.win2000.security) Re: IPSEC changes in Service Pack 2 ... IPsec requires that inbound traffic be allowed to UPD-500. ... The default state of the Windows firewall will ... > network. ... It is called the MDU or Mobile Domain Utility ... (microsoft.public.windowsxp.security_admin) Re: Server 2008 with Hyper-V - domain controller - Firewall GUIs show firewall ON, but n ... This physical computer has only one network adapter and there are virtual machines that communicate with each other, other LAN attached computers and the Internet, so yes, there is a virtual network linked to the NIC. ... If I run the Start, Administrative Tools, Windows Firewall with Advanced Security it tells me: ... some settings are controlled by Group Policy ... 88 TCP Any ... (microsoft.public.windows.server.networking)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint