configuring IPsec to specific port: Windows server 2008

  • Question

  • Hi,

    I configured IPsec between two machines as follows.

    1. Created an inbound firewall rule to accept incoming secured traffic to a port (Ex: X).
    2. Created a connection security rule by setting following command.

    netsh advfirewall consec add rule name="Test" endpoint1=any endpoint2=<Ip of other machine> action=requireinrequestout description="Test rule" profile=any

    Now I can connect to the port X without any problem.

    My issues are as follows.

    After removing the IPsec configuration from one machine, I lost every connection to the other computer (remote desktop, pinging). As I found, the reason is that the connection security rule is defined to authenticate all traffic regardless of which port the traffic is coming to.
    So, what I need to do is configure IPsec only for the traffic coming to port X.

    1. Is it possible to do?
    2. I tried adding the port1 parameter to the connection security command as follows.

    netsh advfirewall consec add rule name="Test" endpoint1=any endpoint2=<Ip of other machine> action=requireinrequestout description="Test rule" profile=any port1=X protocol=tcp

    Now, I can't connect to port X (the connection losses are not present now).

    So, If anyone has an idea, pls reply...

    Thanks
    Buddhika



    asa
    Wednesday, April 1, 2009 9:42 AM