Threads Replies Last Post 1 Pages: 1   Port used by Performance Monitoring ( PerfMon) in Windows server 2 Hi Guys, Does any knows which are the ports used by default tool i.e. Performance Monitoring (PerfMon) in windows server 2003 as we have got internal firewall, so need to open the port for the same so that it can be accessible remotely from any server. -- Regards, Ammar Server Analyst... 1 11/7/2008 4:58:01 AM Initiate IKE on 4500 http://www.ietf.org/rfc/rfc3947.txt, section 4, "Changing to New Ports", states: "Any implementation that supports NAT traversal MUST support negotiations that begin on port 4500. If a negotiation starts on port 4500, then it doesn't need to change anywhere else in the exchange." So, I've been digging through the documentation looking for how to convince a RAS entry to do this ... an... 1 11/3/2008 5:01:43 PM Firewall with IPSEC We have set up IPSEC on both a workstation and a server so that we can encrypt files being passed between the two. We also have Sygate as a firewall. After IPSEC was installed, if we do a simple ping test between the workstation and server, we get 'Negotiating IP Security' instead of replies unless we turn Sygate off. In Sygate I have tried to open ports IP 50, UDP 500, IP 51,... 1 10/30/2008 1:32:01 PM IPSec 3DES 2key? or 3key? Hi, In general TDES with three different keys (3-key TDES) has a key length of 168 bits: three 56-bit DES keys (with parity bits 3-key TDES has the total storage length of 192 bits). We are using Windows Server 2003 R2 SP2. Is the IPSec 3DES on the Server, 2-key mode or 3-key mode? Can you suggest MS Site or Doc written about this? ... 1 10/23/2008 10:12:07 PM IPSec between Unix and Windows I have a need to encrypt traffic from a legacy application hosted on an AIX server to windows clients. The information I have read seems to point at using certificate based IPSec to accomplish this or using ISA server as an IPSec proxy. Has anyone implemented either of these solutions, information has not been easy to find on how to do this. The application runs over Telnet and the client... 3 7/3/2007 6:54:01 PM MPACK Threat IPSeccmd and Vista As a response to the MPACK-Threat (10.000 Servers in Europe poisoned by an iframe that loads MPACK Trojan) we issued a Domain Policy stopping connections to 64.38.33.13 as recommended by e.g. Avira. Additionaly we issued the IPSeccmd Ipseccmd -x -w REG -p "MPACK Server block" -r "MPACK Server block" -n BLOCK -f 0/255.255.255.0+64.38.33.13/255.255.255.255 To every Client/Server whi... 2 7/3/2007 6:42:31 PM SonicWall "IPSec packet from or to an illegal host" I'm getting the following emailed to me a hundred times a day. Any ideas on whether it is coming from inside or outside my firewall, and how am i going to find what the 169 address refers to? the 10.1.1.2 is my server. 06/29/2007 16:57:01.816 - IPSec packet from or to an illegal host - 169.254.243.103 - 10.1.1.2 - SPI:0x300 This email was generated by: SonicOS Standard... 1 7/3/2007 2:04:44 PM How to allow internet trafic in an IPSec environment Hi experts, I'm performing some tests to implement IPSec in my network, but after to enable the IPSec police I loose my communication with internet, the intranet communication remain working as expected, in short my filters are configured as below: 1- Any <-> Intranet - Secure 2- Any <-> Infrastructure services - Permit 3- Me <-> Any ... 1 6/26/2007 5:51:00 PM slow sbs 2003 server Is it possible that an invalid IPSEC policy and filter settings could cause in/outbound traffic on my sbs2003 server to be extremely slow? peer-peer workstations are just fine. Dir-Dir inside the server when copying large files, works fine. However, any traffic such as copying files to/from the server from any workstation is SSLLOOWW! This started happening right after SP2 was instal... 1 6/26/2007 2:23:00 PM Is Policy Applied or Not? I have an IPSec policy applied to my DCs via GP (defaul domain controller policy). The RSoP on two DCs indicate that the policy is there and applied. However, 'netsh ipsec static show policy all' shows the policy on one but not the other! This is in line with what the servers are doing - the one that shows the DC policy in the netsh command is blocking the traffic I want but the one that... 6 6/14/2007 4:56:31 PM SA Quick Mode Complete but not encrypting Hi, I have two servers sitting on different sites. They have Kerio software firewalls running and I need to get IPsec working on them. To test the connection, Im trying to get traffic from one site to the other encrypted on port 80. I have setup the policies and I can see the Security Associations are successfully been established. However, the actual data doesn't seem to be passin... 2 6/12/2007 10:39:02 PM invalid inbound SPI vista ipsec I am trying to setup static SAs for ipsec on vista. It is allowing me to choose the outbound SPI but when I try to add the inbound SPI using IPsecSaContextAddInbound0 the API returns with no error but in the security monitor I see the "INVALID SPI" counter increasing. I looked at the sample code provided by microsoft and they use IPsecSaContextGetSpi0 to get the inbound SPI before adding the ... 1 5/24/2007 6:49:43 AM Active directory and IPSEC Hi, I have two sites that are connected via VPN. But the VPN is making the Internet connection VERY slow. Is there another option to connecting the two sites that doesn't use as much bandwidth? Maybe replicating AD through the Internet only? or SSL? If so, can someone point me in the right direction Thanks in advance J ... 1 5/23/2007 3:25:57 PM site-to-site VPN client setup Hello all, I have a small branch office set up with a site-to-site VPN tunnel between my main office ISA server and a Win2K3 R2 server at the branch office set up as a local DC, RRAS server, DNS, etc. It has a single NIC behind a NAT gateway to the branch office ISP. I have set up the client XP Pro machines TCP/IP in the branch office with the DNS and default gateway set up to poin... 1 5/22/2007 3:51:02 PM WAN Miniport (PPTP) missing from RRAS Server: Windows 2003 SBS Updated with Service Pack 2 Problem: Can no logner create VPN Connections WAN Miniport (PPTP) is not in the RRAS ports list any longer. RRAS was working fine until some error happened with a program found in the temp directory. Cleaned server and everything is fine with the exception of RRAS WAN Miniports missing. The WAN Miniport (PPPoE), Direct Parallel... 5 5/11/2007 1:34:01 AM Native IPSec on Windows Vista Hi, I want to use IPSec policy on Windows Vista environment. Please help me to provide the information for the same. Do i need to configure IPSec policy through MMC, and which services i need to unable (e.g IKE and AuthIP IPsec Keying Modules, IPsec Policy Agent) Thanks in advance Best Regards, Sunil... 1 5/9/2007 6:59:01 AM Ports for Windows logon I have users that vpn into our dmz. Once they are in the dmz, I would like for them to logon to the domain. Can anyone tell me what ports I need to open on the firewall to allow full windows authenication? ... 1 4/30/2007 12:30:03 PM IPsec question in vista Hi! I have a question in vista. I am trying to set up IPsec policy on vista to create a VPN connection. I had seted up IPsec policy on WinXP successfully. But that same set up on vista, result is failure. I had tried to create a tunnel on windows firewall. I try to ping the node in the VPN but it reply Negotiating IP Security. What's the problem? Thanks. Leo. ... 2 4/27/2007 5:40:10 PM different IPSec for different working hours My environment is Windows 2003 server and many XP machines. I have created IP security policy on Domain Controller and it works fine. Now I want to enable all rules on working hours, e.g. 9am - 6pm. And disable some rules outside of those boundaries. Is it possible to configure is in such way? How? Now I simply have made script, which automatically stops IPSec service on 6pm and starts o... 1 4/19/2007 7:56:12 AM 1 Pages: 1