Solved

IPSEC: Windows 2003 server to XP client

Posted on 2006-07-18
3
188 Views
Last Modified: 2013-12-04
Due to legal requirements, I need to have some implentation of IPSec from a Windows 2003 server to XP clients.
No firewalls to worry about, just client traffic on the LAN.

Does someone have an example of settings on BOTH the server and the XP clients to enable (and require) IPSec to access applications?
I've seen Microsoft's whitepapers and other abstracts, but nothing with enough detail.

Alternatively, if you would like to recommend a 3rd-party solution that's easy to configure, that would be fine too.
I just need something, soon...
Thanks!
0
Comment
Question by:mcoleson
  • 2
3 Comments
 
LVL 12

Assisted Solution

by:Phil_Agcaoili
Phil_Agcaoili earned 500 total points
ID: 17131945
Setting Up the Windows Server 2003 PPTP and L2TP/IPSec client: http://www.isaserver.org/img/upl/vpnkitbeta2/win2003client.htm

Also, if you want something easier for the long term, I suggest looking at SSL VPNs from Cisco, Juniper, or F5.
The term "SSL VPN" is actually a misnomer because you can get to almost ANY application besides SSL or Web-enabled application through this device. SSL is how you connect, but F5 Firepass, for example, allow you to simply tunnel SSH, Netbios, FTP, RDP, or any other application through an SSL encrypted connection.

You place your Windows 2003 server behind the SSL VPN and your clients simply use ANY Web browser to connect to the SSL VPN using https (443/TCP).

IPSec VPN clients are clunky and tend to be a harder implementation with clients, groups, users, and IPSec VPN configuration versus deploying an SSL VPN and only dealing with a Browser and not caring what operating system that the client is coming from.
0
 
LVL 12

Accepted Solution

by:
Phil_Agcaoili earned 500 total points
ID: 17132001
Here are some more good guides on how to configure IPSec on Windows 2003 and on XP Clients: http://www.howtonetworking.com/articles/msipsec.htm
0
 

Author Comment

by:mcoleson
ID: 17166360
Thanks Phil. These led me to the info I needed. much appreciated.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now