Help with IPSec

A

Anonymous

In Windows Vista, I have enabled the built-in Secure Server IPSec rule.
Since I cannot find any built-in rules in Windows Vista, how can I enable
secure communication between Vista and the XP machine? Where can I find some
sort of guide or information on this? I have searched Google and Microsoft,
but couldn't find anything too useful for Windows Vista. Thanks in advance.
 
J

Jesper

First, what exact threat are you trying to mitigate? IPsec is for enterprise
use primarily. If you only have a couple of machines on a small network it is
really not necessary, or shouldn't be anyway.

Second, there is not really a single paper on how to use IPsec for specific
problems. The Vista book (see my sig) has some general walk-throughs, and
there is a whole host of free information at the Microsoft IPsec Tech Center:
http://www.microsoft.com/ipsec.

The general way to approach this would be to first figure out what your
objective is, then analyze the traffic you need to permit, and how, to meet
that objective. Finally, build yourself rules for securing that traffic. For
example, if you simply want all traffic between two computers to be
authenticated you can set up a Connection Security Rule in the Windows
Firewall with Advanced Security to do that. You would use a Server-to-Server
rule, specify the two addresses and specify an authentication protocol. Doing
the same thing on XP is quite a bit more involved, but the very first
white-paper on the Tech Center (even though it says it is for Windows Server
2003) will help you.
 
A

Anonymous

Thank you, Jesper, for your informative post!

Jesper said:
First, what exact threat are you trying to mitigate? IPsec is for enterprise
use primarily. If you only have a couple of machines on a small network it is
really not necessary, or shouldn't be anyway.

Second, there is not really a single paper on how to use IPsec for specific
problems. The Vista book (see my sig) has some general walk-throughs, and
there is a whole host of free information at the Microsoft IPsec Tech Center:
http://www.microsoft.com/ipsec.

The general way to approach this would be to first figure out what your
objective is, then analyze the traffic you need to permit, and how, to meet
that objective. Finally, build yourself rules for securing that traffic. For
example, if you simply want all traffic between two computers to be
authenticated you can set up a Connection Security Rule in the Windows
Firewall with Advanced Security to do that. You would use a Server-to-Server
rule, specify the two addresses and specify an authentication protocol. Doing
the same thing on XP is quite a bit more involved, but the very first
white-paper on the Tech Center (even though it says it is for Windows Server
2003) will help you.
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

IPsec and user certificates 2
IPsec and user certificates 3
IPSec monitor snap-in 30
IPSec monitor snap-ins 1
IPSec Monitor Snap-ins 2
Free VPN (IPSec) Client? 2
Nest Guard has hidden microphone 2
problem with enabling ipsec on windows xp 2

Top