Guest oz.ozugurlu Posted October 15, 2008 Posted October 15, 2008 Guys I do appreciate if someone can point me to setting up IPSEC trough WF.msc. I understand the WF.msc combined most of the configurations including IPSEC. I need to set IPSEC on two of the domain controllers will be talking back to couple other DC’s on different sites. I will have to allow security folks to scan any service and port on the domain controllers as well. I am not sure how to let the security folks dropped in the IPSEC tunnel , since they want to monitor in and out of the tunnel Any pointer to KB or step by step document would be appreciated --oz -- Oz Ozugurlu MVP (Exchange) MCITP (EMA), MCITP (SA) MCSE 2003, M+, S+, MCDST Security+, Project +, Server + oz@SMTp25.org http://smtp25.blogspot.com (Blog) Quote
Guest S. Pidgorny Posted October 16, 2008 Posted October 16, 2008 You cannot use network-based tools to monitor traffic encapsulated in IPsec tunnels. That is the whole point.So NIDS is out. You can allow scanning of services and ports - through IPsec, for example -- Svyatoslav Pidgorny, MCSE, RHCE -= F1 is the key =- http://sl.mvps.org http://msmvps.com/blogs/sp oz.ozugurlu wrote:<span style="color:blue"> > Guys I do appreciate if someone can point me to setting up IPSEC trough > WF.msc. I understand the WF.msc combined most of the configurations including > IPSEC. > I need to set IPSEC on two of the domain controllers will be talking back to > couple other DC’s on different sites. > > I will have to allow security folks to scan any service and port on the > domain controllers as well. I am not sure how to let the security folks > dropped in the IPSEC tunnel , since they want to monitor in and out of the > tunnel > Any pointer to KB or step by step document would be appreciated > > --oz > </span> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.