Rob,
you are referring to two distinct things:
a) IPSec filtering
b) Stateful filtering
IPSec filtering refers to IPSec packets, i.e. encapsulated packets in an IPSec
"envelope".
So, if you start a web browser and go to
www.yahoo.com , your packets will
not be of type ESP (Encapsulated Security Payload), but HTTP.
Stateful filtering is accomplished by services like NAT services in Windows
2000/2003 and products like Microsoft ISA Server 2000/2004. When a packet
goes out, its details are entered in a table. When a reply to this packet is
received, the table is scanned and if the details match, the packet is delivered
back to the host which initiated this traffic. This way, only traffic that
originated from the "inside" network gets replies from "outside". Other
traffic is blocked.
So, the answer to your question would be:
In your scenario, don't use IPSec, but a NAT service or a product like Microsoft
ISA Server 2000/2004.
Dusko Savatovic
"Rob" <(E-Mail Removed)> wrote in message
news:BC964B42-4196-43FB-ACE7-(E-Mail Removed)...
>I need some more clarity in understanding IPSec filtering and rules. My
> question is that if I have the following rules:
>
> Rule 1: Block all incoming traffic
> Rule 2: Permit all outgoing traffic
>
> Now, if I start a web browser and go to www.yahoo.com, will the traffic
> generated by www.yahoo.com be blocked?
>
> Thanks,
> Rob ((E-Mail Removed))
>
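An added illustration of the difference Dusko describes (not code from this thread or from any Windows/ISA product): a toy model of Rob's static two-rule policy beside a stateful filter that keeps a table of outbound flows and admits only matching replies. All addresses are constructed; 203.0.113.5 stands in for www.yahoo.com.

```python
# Toy model: static "block all incoming / permit all outgoing" rules versus a
# stateful filter that records outbound flows and admits only their replies.
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str  # "TCP" or "UDP"

def static_filter(pkt, direction):
    """Rule 1: block all incoming. Rule 2: permit all outgoing."""
    return direction == "out"

class StatefulFilter:
    """Tracks flows initiated from the inside; admits only their replies."""
    def __init__(self):
        self.table = set()   # 5-tuples of flows seen going out

    def allow(self, pkt, direction):
        key = (pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if direction == "out":
            self.table.add(key)
            return True
        # Inbound: reverse the tuple and look for the flow that initiated it.
        reverse = (pkt.proto, pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        return reverse in self.table

def demo():
    # Constructed: 192.0.2.10 is the inside host, 203.0.113.5 plays www.yahoo.com.
    request = Packet("192.0.2.10", 51234, "203.0.113.5", 80, "TCP")
    reply = Packet("203.0.113.5", 80, "192.0.2.10", 51234, "TCP")
    unsolicited = Packet("198.51.100.7", 4444, "192.0.2.10", 445, "TCP")
    fw = StatefulFilter()
    results = {
        "static_request": static_filter(request, "out"),
        "static_reply": static_filter(reply, "in"),
        "stateful_request": fw.allow(request, "out"),
        "stateful_reply": fw.allow(reply, "in"),
        "stateful_unsolicited": fw.allow(unsolicited, "in"),
    }
    return results

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'allowed' if ok else 'blocked'}")
```

With the static rules the web reply is dropped along with everything else inbound; the stateful table lets that one reply through and still blocks the unsolicited connection.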