IPSec how to block only incoming traffic

Posted by christofer fran on November 29, 2005, 6:23 am
Hi!

I'm trying to use ipsec to permit incoming traffic from every subnet except
a few.
The computer is allowed to communicate with any other computer.
I block all incoming traffic, not mirrored, and permit the subnets I want
to communicate, not mirrored.
The result is that I can only communicate with the few subnets that are
permitted to communicate in to my computer.
I have only put filters for incoming traffic but it affects outgoing traffic
as well.
Again the mirrored option is disabled.

/christofer


Posted by Roger Abell [MVP] on November 29, 2005, 9:04 am
Did you have some sort of question ??

That you have not blocked outgoing, but you see no result from
an outgoing that goes to a not allowed incoming IP is most likely
not that the outgoing was blocked, but that the return result was.
Have you looked at the actual packets on the wire to see what
is being allowed ??

> Hi!
>
> I'm trying to use ipsec to permit incoming traffic from every subnet
> except
> a few.
> The computer is allowed to communicate with any other computer.
> I block all incoming traffic, not mirrored, and permit the subnets I want
> to communicate, not mirrored.
> The result is that I can only communicate with the few subnets that are
> permitted to communicate in to my computer.
> I have only put filters for incoming traffic but it affects outgoing
> traffic
> as well.
> Again the mirrored option is disabled.
>
> /christofer
>



Posted by Steven L Umbach on November 29, 2005, 2:31 pm
I think the problem is that you need to mirror the filter entry for the
subnets you want to permit. What I usually do is to create a block all IP
mirrored rule and then configure a permit filter action in a rule with a
filter list that contains mirrored entries for the subnets I want to allow
and it always works. --- Steve


> Hi!
>
> I'm trying to use ipsec to permit incoming traffic from every subnet
> except
> a few.
> The computer is allowed to communicate with any other computer.
> I block all incoming traffic, not mirrored, and permit the subnets I want
> to communicate, not mirrored.
> The result is that I can only communicate with the few subnets that are
> permitted to communicate in to my computer.
> I have only put filters for incoming traffic but it affects outgoing
> traffic
> as well.
> Again the mirrored option is disabled.
>
> /christofer
>
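
The behaviour discussed in this thread, as an added example that is not code from any of the posters: a small stateless filter model comparing the unmirrored inbound-only setup from the question with the mirrored block-all plus mirrored permit setup from the last reply. The addresses, the most-specific-match ordering and the permit-when-nothing-matches default are modelling assumptions; this is a simplified model, not the Windows IPsec implementation.

```python
from ipaddress import ip_address, ip_network

ME = "10.0.0.5"              # constructed address of the filtered host
ME_NET = ME + "/32"
ANY = "0.0.0.0/0"
ALLOWED = "192.168.1.0/24"   # constructed permitted subnet

def rule(src, dst, action, mirrored):
    """One filter entry; a mirrored entry also matches with src and dst swapped."""
    pairs = [(ip_network(src), ip_network(dst))]
    if mirrored:
        pairs.append((ip_network(dst), ip_network(src)))
    return [(s, d, action) for s, d in pairs]

def verdict(policy, src, dst):
    """Stateless per-packet decision (assumed model): the most specific
    matching filter wins; a packet matching no filter is permitted."""
    hits = [(s.prefixlen + d.prefixlen, action) for s, d, action in policy
            if ip_address(src) in s and ip_address(dst) in d]
    return max(hits, key=lambda h: h[0])[1] if hits else "permit"

def conversation(policy, peer):
    """Verdicts for a request Me -> peer and for the reply peer -> Me."""
    return verdict(policy, ME, peer), verdict(policy, peer, ME)

# Inbound-only filters with mirroring disabled (the setup in the question).
unmirrored = (rule(ANY, ME_NET, "block", False)
              + rule(ALLOWED, ME_NET, "permit", False))

# Block-all mirrored rule plus mirrored permit entries (the last reply).
mirrored = (rule(ANY, ME_NET, "block", True)
            + rule(ALLOWED, ME_NET, "permit", True))

if __name__ == "__main__":
    for name, policy in (("unmirrored", unmirrored), ("mirrored", mirrored)):
        for peer in ("192.168.1.20", "172.16.0.9"):   # constructed peers
            print(name, peer, conversation(policy, peer))
```

In the unmirrored policy the request to a non-permitted peer leaves the host, but the reply matches the inbound block filter, so the outbound connection appears blocked even though no outbound filter exists.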


