  1. #1
    themightymrp

    Why is this IPsec setup not working???

    Here is what I want to happen:

    One server running IIS7 currently sitting on the domain.
    I want it to be secured using IPsec so that port 80 and 443 are open to ALL machines unsecured but all other ports are secure.
    I want specified client PCs to be able to communicate with the server via IPsec to access shares etc.


    This is what I have:

    One OU containing client machines with a standard Client IPsec policy installed (the built in one)
    One OU containing the server with the following options defined:

    Web Filter Name        Settings

    Allow web access       Permit any source IP address to My IP address over TCP port 80
                           Permit any source IP address to My IP address over TCP port 443

    Allow domain logins    Allow communication from specific IP address (the DC) to My IP address over ANY port to ANY port

    All IP traffic         Require security from ANY IP address to My IP address over ALL ports

    This is what I get:

    Machine WITH IPsec policy installed:
      - Can ping server
      - Can access server shares
      - Unable to access web site on port 80 or 443

    Machine WITHOUT IPsec policy:
      - Cannot ping server
      - Cannot access shares
      - Can see web site over ports 80 and 443

    I can't figure out why I can't get web access over the IPsec connection???? Everything else is perfect!!!

    Any ideas????

  2. #2
    themightymrp
    Never mind, sorted it!

    All I needed to do was add a filter to the Client IPsec side of things to allow data FROM the server over port 80/443 to client machines with a Permit action. All is now working perfectly.

    Sounds so simple when I read it now
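
The fix described in post #2, written out as `netsh ipsec static` commands. This is an added example, not the poster's own configuration. The server address (192.0.2.10), the policy name "Client (Respond Only)", the filter list, action and rule names, and the use of mirrored filters are all assumptions to adjust for the real environment.

```bat
@echo off
rem Added example: client-side Permit rule for web traffic from the IPsec-protected server.
rem Every value below is a constructed placeholder, not taken from the thread.
set SERVER_IP=192.0.2.10
set POLICY=Client (Respond Only)
set FLIST=Web server plaintext web ports
set FACTION=Permit web from server

rem Commands act on the currently selected policy store (local by default).
rem For a GPO-delivered policy, edit the policy where it is defined instead.

rem 1. Filter list: traffic FROM the server's TCP 80/443 TO this client.
rem    dstport=0 means any client port. mirrored=yes (assumption) also
rem    matches the client-to-server direction of the same connections.
netsh ipsec static add filterlist name="%FLIST%" description="Server 80/443 to client without IPsec"
netsh ipsec static add filter filterlist="%FLIST%" srcaddr=%SERVER_IP% dstaddr=Me protocol=TCP srcport=80 dstport=0 mirrored=yes description="HTTP from server"
netsh ipsec static add filter filterlist="%FLIST%" srcaddr=%SERVER_IP% dstaddr=Me protocol=TCP srcport=443 dstport=0 mirrored=yes description="HTTPS from server"

rem 2. Filter action: Permit, so matching packets pass without negotiation.
netsh ipsec static add filteraction name="%FACTION%" action=permit

rem 3. Rule: bind the filter list and Permit action into the client policy,
rem    matching the server-side "Allow web access" Permit filters.
netsh ipsec static add rule name="Permit web from server" policy="%POLICY%" filterlist="%FLIST%" filteraction="%FACTION%"

rem 4. Review the resulting policy before assigning or refreshing it.
netsh ipsec static show policy name="%POLICY%" level=verbose
```

With this rule in place, both ends treat TCP 80/443 as Permit, while all other traffic to the server still falls under the server's "Require security" rule.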
