Re: IPSEC Windwos 2008

Giganews Newsgroups
Subject: Re: IPSEC Windwos 2008
Posted by:  S. Pidgorny (slavic…@yahoo.com)
Date: Thu, 16 Oct 2008

You cannot use network-based tools to monitor traffic encapsulated in
IPsec tunnels. That is the whole point.So NIDS is out.

You can allow scanning of services and ports - through IPsec, for example

--
Svyatoslav Pidgorny, MCSE, RHCE
-= F1 is the key =-

*http://sl.mvps.org *http://msmvps.com/blogs/sp *

oz.ozugurlu wrote:
> Guys I do appreciate if someone can point me to setting up IPSEC trough
> WF.msc. I understand the WF.msc combined most of the configurations including
> IPSEC.
> I need to set IPSEC on two of the domain controllers will be talking back to
> couple other DC’s on different sites.
>
> I will have to allow security folks to scan any service and port on the
> domain controllers as well. I am not sure how to let the security folks
> dropped in the IPSEC tunnel , since they want to monitor in and out of the
> tunnel
> Any pointer to KB or step by step document would be appreciated
>
> --oz

Replies

None

In response to

IPSEC Windwos 2008 posted by oz.ozugurlu on Wed, 15 Oct 2008