Need IPSec Help

Archived from groups: microsoft.public.win2000.security (More info?)

Hello,

I've set up an IIS 5 webserver running http, ftp, and smtp. I've assigned an
IPSec policy to accept connections to the following ports: 20, 21, 25, 53
(tcp and udp), and 80. I can connect to the website fine, and ftp in also,
but the smtp server is not able to send email msgs. They hang in the queue
folder and eventually end up in the badmail folder. Also, I cannot ping or
connect to any outside hosts (using IE).

Does anyone have any recommendations as far as what other ports I would need
to open? I can live without IE being able to connect to any remote sites,
but I do need the smtp functionality.

BTW, I previously tried the same routine using TCP/IP Filtering, and got the
same results.

Any help would be appreciated.

Thanks.
 
Archived from groups: microsoft.public.win2000.security (More info?)

It sounds like your IPSec policy is blocking initiated outbound traffic to ports
80/443 [https] and 25 TCP and probably 53 UDP. I prefer a hardware firewall or
software firewall to IPSec in most situations, but when I do use it I start out with a
block all IP rule and then create a rule for the allowed exceptions for inbound and
outbound, including ICMP if I want to use ping. The outbound mirrored rule would need
to be source address my address, destination address any [or specific server], source
port any, destination port 25, protocol 25 for SMTP for instance. The link below may
be of help. --- Steve

http://www.securityfocus.com/infocus/1559

"George J" <gjewell@houston.rr.com> wrote in message
news:KHq4d.13357$Qb.5937@fe2.texas.rr.com...
> Hello,
>
> I've set up an IIS 5 webserver running http, ftp, and smtp. I've assigned an
> IPSec policy to accept connections to the following ports: 20, 21, 25, 53
> (tcp and udp), and 80. I can connect to the website fine, and ftp in also,
> but the smtp server is not able to send email msgs. They hang in the queue
> folder and eventually end up in the badmail folder. Also, I cannot ping or
> connect to any outside hosts (using IE).
>
> Does anyone have any recommendations as far as what other ports I would need
> to open? I can live without IE being able to connect to any remote sites,
> but I do need the smtp functionality.
>
> BTW, I previously tried the same routine using TCP/IP Filtering, and got the
> same results.
>
> Any help would be appreciated.
>
> Thanks.
>
>
>
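The following is an added example, not part of the original thread: a simplified Python model of stateless, mirrored permit filters sitting on top of a block-all rule, showing why the inbound-only port list from the question leaves outbound SMTP blocked and what the outbound rule described in the reply changes. The names (`Filter`, `Packet`, `permitted`, `ME`) are hypothetical, the addresses are constructed from documentation ranges, and the model assumes any matching permit filter wins over the block-all rule.

```python
from collections import namedtuple

ME = "me"  # stands for the server's own address ("my address" in the reply)
Packet = namedtuple("Packet", "src dst proto sport dport")
Filter = namedtuple("Filter", "src dst proto sport dport")  # None means "any"

def _match(f, p):
    # A filter field matches when it is a wildcard or equals the packet field.
    return all(want is None or want == got for want, got in zip(f, p))

def permitted(filters, p):
    """Permit if a filter or its mirror matches; otherwise block-all applies."""
    for f in filters:
        mirror = Filter(f.dst, f.src, f.proto, f.dport, f.sport)
        if _match(f, p) or _match(mirror, p):
            return True
    return False

# Policy from the question: accept connections TO these ports on the server.
INBOUND_ONLY = [Filter(None, ME, "tcp", None, port) for port in (20, 21, 25, 53, 80)]
INBOUND_ONLY.append(Filter(None, ME, "udp", None, 53))

# Rules in the shape the reply describes: source = my address, source port any,
# destination port 25/TCP for SMTP, plus 53/UDP so the mail host can be resolved.
OUTBOUND = [Filter(ME, None, "tcp", None, 25), Filter(ME, None, "udp", None, 53)]

# Constructed sample packets (ephemeral source ports chosen arbitrarily).
web_in     = Packet("203.0.113.7", ME, "tcp", 40000, 80)
smtp_out   = Packet(ME, "198.51.100.25", "tcp", 1045, 25)
smtp_reply = Packet("198.51.100.25", ME, "tcp", 25, 1045)
dns_out    = Packet(ME, "192.0.2.53", "udp", 1046, 53)
ping_out   = Packet(ME, "198.51.100.25", "icmp", None, None)

def report(filters):
    samples = {"web_in": web_in, "smtp_out": smtp_out, "smtp_reply": smtp_reply,
               "dns_out": dns_out, "ping_out": ping_out}
    return {name: permitted(filters, pkt) for name, pkt in samples.items()}

if __name__ == "__main__":
    print("inbound-only policy:", report(INBOUND_ONLY))
    print("with outbound rules:", report(INBOUND_ONLY + OUTBOUND))
```

The mirror of an inbound "any to me:25" filter only covers traffic leaving from source port 25, so a delivery attempt from an ephemeral port to a remote port 25 matches nothing until the outbound rule is added; ping stays blocked in both cases because no ICMP rule exists.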