TreeWalk DNS
How To Create IPSec RulesWhere can I get this "policy" package? You can download IpSecFilter.zip (including a basic readme.txt file) from this site. Need more info? We'll provide graphics and outline the simple steps to install IPSec on your Windows 2000 or XP computer next. (NOTE: not all windows will be shown so in some cases you may need to apply the appropriate "Okay", "Apply" or "Close" buttons to proceed to the next step.) The start page for this topic is IPSec Policies. If you already use IPSec and you want to try the download offered from this site, you should export your current policy filters to a safe place first. The graphic described is shown on our Windows 2000 IPSec page and includes a similar description below it. This page is also referenced from our Windows XP IPSec page. The IPSec Policy available for download above can be used for either Operating System. Text from the Windows 2000 IPSec page: "The 'IP Filter List' window is where you can Add, Edit or Delete specific rules. We've selected 'SQLServer client' in our example and chose 'Edit' again. You can remove certain rules here if you don't use or need them, but they're included to give you a pre-defined rule-set that should work in most (if not all) cases. (Note that adding filters with the Wizard can be a pain, so you might want to uncheck 'Use Add Wizard' if you want to add a new filter and rules.) The six rules in this filter that are outlined with a red box are rules that have been added..." We look closer at adding rules to an IPSec Filter next. Disclaimer! The sample we've portrayed below is only an example, it may not work for your system and we don't condone or endorse Gmail for any reason. It's just an example! We're going to examine a Windows XP IPSec Policy filter rule for "gmail" next, but the same rule can be applied to Windows 2000. The filter editing properties for XP and W2K are much the same and we'll assume you're already at the "IP Filter List" window to start with: At the "IP Filter List" screen for our "Allowed ports/protocols" example we've selected a filter called "pop.gmail.com" which is used for POP access to a Gmail email account in this case. The "Addressing" tab for "Filter Properties" shows "Any IP Address" for a "Source address" so any server that answers as "pop.gmail.com" can connect to your computer, provided that "pop.gmail.com" is the server you've listed in your email client. The "Mirrored" checkbox is enabled so only packets that match the exact source and destination will be permitted. In our case here the "Destination address" is a match for "My IP Address". The next tab, "Protocol", is where you would set the protocol type and the port to use. We've selected TCP and set the port to listen on as port 995. We'll accept any packets from "pop.gmail.com" on port 995 to any port on our machine. For the "Description" tab we've just entered "pop.gmail.com TCP:995" for easy recognition. Here you would use the "Okay" button to close "Filter Properties" and save the filter. Back at the "IP Filter List" we'll take a look at the other rule needed for the Gmail POP filter, described as "smtp.gmail.com". It's selected and the "Okay" button is pressed. Again, the "Addressing" tab for "Filter Properties" shows "Any IP Address" for a "Source address". The "Mirrored" checkbox is enabled so only packets that match the exact source and destination will be permitted. In our case here the "Destination address" is a match for "My IP Address". This defines the SSL port for the Gmail SMTP connection as TCP port 587. Provide a descriptive name for the filter so it will be easy to find it in the future. If you do make any changes, you'll be prompted at the end to save them. Select "Yes"! Disclaimer! The sample we've portrayed above is only an example, it may not work for your system and we don't condone or endorse Gmail for any reason. It's just an example! That's all there is to it! Happy surfing! |
| Copyright © 2000-2008 treewalkdns.com All rights reserved |