IPSec configuration on Win 2000 Adv Server

P

Patrick

How do I configure a IPSec connection between a Win 2000
system and a Win 2000 Adv Server? Both systems are on the
same subnet. I am running Radius services and wish to
authenticate users over the IPSec connection.

Any suggestions?

Thanks,
 
S

Steven Umbach

Assuming they do not have any ipsec policy configured at the domain/OU level,
configure an ipsec policy in Local Security Policy on each computer. You could
use the built in require policy as a model with the only difference being the
destination address would be the other computer's IP address which you would
want to be static. If both computers are in the same domain, kerberos will be
used for machine authentication. If they are not you will need to configure
either certificate or preshared key for machine authentication. Certificate
would be much more preferred, while pre shared key will work fine as long as the
pre shared key is complex and you understand that it is possible to extract the
pre shared key from the machine as it is stored in clear text. When done with
your policy, assign them on each computer and use ipsecmon to see if the policy
works. See the link below for more info. --- Steve

http://www.microsoft.com/windows2000/techinfo/planning/security/ipsecsteps.asp
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

IPSEC PolicyAgent Service failure on first boot of new server 3
IPSec between Win2000 and Win2000 Adv Server 1
IPSec on webserver 3
IPSec without encryption between intranet and standalone 7
Configuring Port range in IPsec 14
Remote Desktop Connection does not encrypt with ipsec 3
IPSEC & SQL Server 1
Need IPSEC Polict Agent? 1

Top