[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

IPSec from one network segment to a second segment

Posted on 2005-04-12
6
Medium Priority
?
177 Views
Last Modified: 2013-12-04
I have been tasked with finding a way to set up an IPSec tunnel from one network segment to another network segment.  I have 300+ machines (WinXP, and 2000) on one segment, and 6 (Server 2003) on the other segment.  There is a firewall between the segments wiht only ports TCP 50, TCP 51, and UDP 500 open.  I have been told that you can then tunnel through that with IPSec to initiate communication from Windows XP, and 2000 to the Server 2003 servers on the other side.  

Does anyone know how to do this, or of a site that details this?  
Do I need a router on either side?  Can it be done without a router?

Thanks for any help.

JR
0
Comment
Question by:JKandG
  • 2
4 Comments
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 13763867
0
 

Author Comment

by:JKandG
ID: 13764162
They want this done without using VPN.  This would be a direct computer to server connection.  I don't want the users to have to launch VPN to get to the file server.  

Also, (I did not say this before) the 2 networks are in the same building.  

JR
0
 
LVL 12

Assisted Solution

by:Phil_Agcaoili
Phil_Agcaoili earned 500 total points
ID: 13766593
What kind of firewall/VPN device do you have?

This is a typical config:


Network A -----------FW/VPN ------- Network B (Servers)

Enable IPSec VPN rules on your firewall/VPN, use VPN client software on each of the 300 XP/2000 systems in Network A (where each system has the VPN Client launch on boot or logon), they VPN to the FW, have specific rights to the 6 Servers on Network B, and then they can access each specific server in Network B, have IPSec encryption, and are authenticated.

If you want to use IPSec on each specific server, not recommended follow this guide:
Win2k--
http://www.windowsecurity.com/articles/Securing_Data_in_Transit_with_IPSec.html
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 13767214
The links I provided show you how to setup IPSEC tunneling on win2k or xp. IPSEC is built-in to win2k and after nativly, and can be deployed using AD or copying the xxx.ipsec file to the machines and assigning them.
-rich
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
OfficeMate Freezes on login or does not load after login credentials are input.
Screencast - Getting to Know the Pipeline
With just a little bit of  SQL and VBA, many doors open to cool things like synchronize a list box to display data relevant to other information on a form.  If you have never written code or looked at an SQL statement before, no problem! ...  give i…

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question