william
Group: microsoft.public.windowsxp.security_admin
I have a couple of computers with 802.11b wireless cards.
I gather that without an access point, all cards broadcast
the SSID all the time?
I tried to set up IPSec, using the appropriate group policy
settings.
1) What is the default rule for? If I manually set IPSec on each
computer involved, do I need to use the default rule?
2) When the two computers connect -- and there is a pause for them
to connect, presumably setting up the encrypted channel -- I do see
an SA (Security Association). However, I don't understand what Quick
Mode and Main Mode are, in the ipsec monitor. Do those correspond to
the key exchange phase and the, um, I forget, next phase, in the ipsec
documentation?
In the QuickMode SA, I see SAs which say <none> for Authorization, and
this concerns me; does that mean the computers didn't actually authorize?
Authorization is something I want them to do. I'm using shared secrets,
as that seems an easy way to get this set up, and for only two computers,
it is not much burden to keep them synchronized.
(The computers involved use XP, so I'm using the MMC snap-ins to
set the ipsec policy and to monitor active SAs -- I assume they are
the only way to do so.)