Ipsec

I just discovered IPSEC on my Win2k system. What a great find! I have it set up as a basic packet filter now, allowing what ports and addresses I need outbound, and blocking everything inbound. No need for a 3rd party firewall anymore. No app control, but who cares? I don't need it anyway.

Question: I don't suppose there's any way to get some kind of logging out of IPSEC, is there? I don't really need it I guess since I've seen what typical stuff comes in here with all my other firewalls, but I'm just curious if it's possible... I don't see any way to do it so far..

Kerodo

Thanks very much for the links Duane. I'll read them now..

Kerodo

Also found this link on IPSEC for anyone who's interested. It's sort of a How-To on setting up a packet filter using IPSEC.

formatting link

Kerodo

Kerodo wrote in news:MPG.1c62d145a5f7493c989680 @news.west.cox.net:

IPsec is cool but it's a pain in the ass with the high ports when a high port is used for a download. You either have to create rules or drop IPsec. If you're behind an appliance or PFW, then that's no big deal with dropping IPsec. It also interfered with the logging from the router where I had to set rules to let the logging in on the port that the logging application running on the machine needed open - just a little FYI.

If you don't know about the AnalogX file, then take a look at the rules (a good way to learn rules and protocols) that are made for HTTP, POP3, NNTP, etc., and you can implement the AnalogX file on Win 2k, XP and Win 2K3 O/S.

formatting link
It has logging but I never used it and it may or may not be what you're looking for.

formatting link
I used IPsec to supplement BlackIce on the outbound and BlackIce did report on the activities of IPsec when IPsec was doing the blocking.

Duane :)

Duane Arnold
