IPSEC Filter

Stephen

Apr 4, 2004
Archived from groups: microsoft.public.win2000.security

Setup IP filter to allow block incoming traffic and allow
outgoing traffic and allow traffic for proxy and DNS. The
filter starts blocking incoming traffic as it should. Then
user cannot browse Internet. Unchecking Incoming rule
allows user to browse Internet. Rechecking Incoming rule
still allows user to browse Internet. Until a reboot.
Anyone experience this?
Guest

IPsec filters [versus IP filtering] should not be reset from a reboot. Make sure to
unassign a policy to modify it and then assign it when done. You can use netdiag from
the support tools to view your current IPsec filter via "netdiag /test:ipsec /v". I
would concentrate more on having the correct filter rules in the first place. DNS
would require a mirrored rule for permit outbound port to 53 UDP from my IP, from any
port, to any IP [or your ISP DNS servers]. --- Steve


"Stephen" <anonymous@discussions.microsoft.com> wrote in message
news:288d701c46501$35fca920$a601280a@phx.gbl...
> Setup IP filter to allow block incoming traffic and allow
> outgoing traffic and allow traffic for proxy and DNS. The
> filter starts blocking incoming traffic as it should. Then
> user cannot browse Internet. Unchecking Incoming rule
> allows user to browse Internet. Rechecking Incoming rule
> still allows user to browse Internet. Until a reboot.
> Anyone experience this?
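
The mirrored DNS rule described in the reply, as an added Python model that is not part of the original thread and is not Windows code: it shows why a one-way permit leaves DNS replies caught by the inbound block rule, and why pinning the rule to a known DNS server is tighter than "any IP". The addresses are constructed documentation values, and "the most specific matching filter wins" is a simplifying assumption of this model.

```python
from dataclasses import dataclass
from typing import Optional

ME = "192.0.2.10"        # constructed: stands in for "my IP"
DNS = "198.51.100.53"    # constructed: stands in for an ISP DNS server

@dataclass(frozen=True)
class Filter:
    action: str              # "permit" or "block"
    src: Optional[str]       # None means "any"
    dst: Optional[str]
    proto: Optional[str]
    sport: Optional[int]
    dport: Optional[int]
    mirrored: bool = False

    def _hit(self, p, src, dst, sport, dport):
        want = (src, dst, self.proto, sport, dport)
        got = (p["src"], p["dst"], p["proto"], p["sport"], p["dport"])
        return all(w is None or w == g for w, g in zip(want, got))

    def matches(self, p):
        if self._hit(p, self.src, self.dst, self.sport, self.dport):
            return True
        # A mirrored filter also matches with addresses and ports swapped.
        return self.mirrored and self._hit(
            p, self.dst, self.src, self.dport, self.sport)

    def specificity(self):
        fields = (self.src, self.dst, self.proto, self.sport, self.dport)
        return sum(f is not None for f in fields)

def decide(filters, p, default="permit"):
    """Stateless lookup: every packet is judged on its own headers."""
    hits = [f for f in filters if f.matches(p)]
    return max(hits, key=Filter.specificity).action if hits else default

def pkt(src, dst, proto, sport, dport):
    return dict(src=src, dst=dst, proto=proto, sport=sport, dport=dport)

BLOCK_IN = Filter("block", None, ME, None, None, None)
DNS_ONE_WAY = Filter("permit", ME, None, "udp", None, 53)
DNS_MIRRORED = Filter("permit", ME, None, "udp", None, 53, mirrored=True)
DNS_PINNED = Filter("permit", ME, DNS, "udp", None, 53, mirrored=True)

QUERY = pkt(ME, DNS, "udp", 40000, 53)
REPLY = pkt(DNS, ME, "udp", 53, 40000)
# Inbound UDP from an unrelated host that merely uses source port 53.
STRAY = pkt("203.0.113.7", ME, "udp", 53, 137)
```

Because the match is stateless, the "any IP" mirrored rule also admits `STRAY`; the pinned variant, which corresponds to the reply's "[or your ISP dns servers]" option, does not.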