=?Utf-8?B?RWtoYW4=?= <(E-Mail Removed)> wrote in
news:B10C163C-2154-4F0D-B2BA-(E-Mail Removed):
> Hi,
>
> I have been asked by a financial institution to implement ipsec on the
> network. Unfortunately, I assumed that this would be easy- just turn
> on the 'Require Secure' policy under 'Domain Security Policy', and use
> kerberos authentication- all of the clients are running 2K Pro and XP
> Pro and should respond with ipsec...
>
> After turning the policy on, I quickly learned that no one could
> connect to webmail. Also, I am guessing that remote users connected
> through the Cisco VPN would also have a problem, though we are using
> radius authentication, which authenticates them on the domain.
>
> Anyway, is there a way to implement ipsec, so that external users will
> still have access to webmail and network resources? I am guessing
> that I can filter communication between the front-end Exchange server
> and the backend, but I do not know for sure. And I do not know
> whether vpn users will have access to anything. Any information about
> this would be greatly appreciated.
>
> Thanks in advance.
>
>
>
Yes there is a way to do this -- IPsec allows you to configure IP filters
for specific traffic, which is what you need to do. This is a fairly
complex topic and deployment, and you should implement this in a test lab
first.
You can find answers to all of your questions at the IPsec TechNet site at
http://www.microsoft.com/technet/its...c/default.mspx
--
James McIllece, Microsoft
Please do not send email directly to this alias. This is my online account
name for newsgroup participation only.
This posting is provided "AS IS" with no warranties, and confers no rights.
Similar Threads
Linear Mode
