I have two servers (A and B). I need to copy files from A to B securely.
I have set up IPSec on Ports 137-139 for the two servers, and using IPSec
Monitor, I can see that the SA is established and the packets are encrypted.
However, I am not clear what happens if the SA is not properly established
(if the rules are not set up on both servers correctly). In most cases, the
file copy proceeds normally, even though the IPSec rules specify negotiation
of ESP only. Yesterday, I was receiving a copy failure for a while, which I
would expect would be the result of mismatched or missing policies, but then
I made some changes and it started working again, even though the policies
were still mismatched or missing from Server B.
The only setting checked on the Filter action is Perfect Forward Key Secrecy.
If a TCP connection is established between the two servers, and then IPSec
is enabled, is the existing connection cached and stays in place for a period
of time? Would this explain my inconsistent results with mismatched or
missing policies? If I have an IPSec policy enabled on one server, but not
the other, should it behave as if I configured blocking for the ports?
The main reason for asking this question is that I have scripted the
configuration of IPSec for the two servers, and it is easier to document for
an implementer to configure the first server, try copying a file, verify
the copy fails, then configure the second server, and verify the copy
succeeds, than it is to document how to use the IPSec Monitor and what to
look for in the MMC.
Thanks.
--
Jeffrey Harris, MCSE W2K.
Please remove the '1's from the e-mail address before sending.
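The copy-then-verify procedure the post describes, written as an added PowerShell example (not part of the original post or of any Microsoft tooling). It assumes Windows 8 / Server 2012 or later, where the NetSecurity module's Get-NetIPsecMainModeSA and Get-NetIPsecQuickModeSA cmdlets replace the Windows 2000 IPSec Monitor snap-in; the share name, file name and peer IP are placeholders, and the RemoteEndpoint property name used for filtering is assumed from the cmdlets' default output:

```powershell
<#
  Added example, not code from the original post.
  Attempts a file copy to the peer, then checks whether IPsec security
  associations actually exist for that peer. A copy that succeeds with no
  quick-mode SA means the data did not travel under IPsec at all.
  Assumes Windows 8 / Server 2012+ (NetSecurity module). Placeholders:
  -RemoteHost SERVERB, -RemoteIp 192.0.2.20, share 'IpsecTest'.
#>
param(
    [Parameter(Mandatory)][string]$RemoteHost,   # assumed NetBIOS/DNS name of server B
    [Parameter(Mandatory)][string]$RemoteIp,     # placeholder IP of server B
    [string]$ShareName = 'IpsecTest'             # assumed share on server B
)

function Test-IpsecFileCopy {
    param([string]$RemoteHost, [string]$RemoteIp, [string]$ShareName)

    # 1. Attempt the copy described in the post, recording success or failure.
    $stamp     = Get-Date -Format 'yyyyMMddHHmmss'
    $localFile = Join-Path $env:TEMP ("ipsec-probe-$stamp.txt")
    Set-Content -Path $localFile -Value 'IPsec copy probe (constructed test file)'
    $copyOk    = $true
    $copyError = $null
    try {
        Copy-Item -Path $localFile -Destination "\\$RemoteHost\$ShareName\" -ErrorAction Stop
    } catch {
        $copyOk    = $false
        $copyError = $_.Exception.Message
    }

    # 2. Query SAs with the peer. Main mode = IKE negotiation completed;
    #    quick mode = the ESP/AH SA that actually protects the data.
    #    (RemoteEndpoint property name is an assumption based on default output.)
    $mm = @(Get-NetIPsecMainModeSA  -ErrorAction SilentlyContinue |
            Where-Object { $_.RemoteEndpoint -eq $RemoteIp })
    $qm = @(Get-NetIPsecQuickModeSA -ErrorAction SilentlyContinue |
            Where-Object { $_.RemoteEndpoint -eq $RemoteIp })

    # 3. Interpret. A successful copy only proves reachability; only a
    #    quick-mode SA with the peer shows the traffic was protected.
    $verdict =
        if ($copyOk -and $qm.Count -gt 0) {
            'Copy succeeded under an IPsec quick-mode SA'
        } elseif ($copyOk) {
            'Copy succeeded WITHOUT an IPsec SA: data was not protected ' +
            '(policy missing or mismatched on a peer, or an existing ' +
            'connection / fall-back-to-clear setting let it through)'
        } elseif ($mm.Count -gt 0) {
            'Copy failed: IKE completed but no quick-mode SA ' +
            '(check filter action and AH/ESP settings on both servers)'
        } else {
            'Copy failed and no SA: policies mismatched or missing, or peer unreachable'
        }

    [pscustomobject]@{
        CopySucceeded = $copyOk
        CopyError     = $copyError
        MainModeSAs   = $mm.Count
        QuickModeSAs  = $qm.Count
        Verdict       = $verdict
    }
}

Test-IpsecFileCopy -RemoteHost $RemoteHost -RemoteIp $RemoteIp -ShareName $ShareName |
    Format-List
```

Run it from server A after configuring each side: the Verdict field is the documented check for an implementer, and the QuickModeSAs count is what makes the result meaningful, since the copy outcome alone cannot distinguish "encrypted" from "sent in the clear because the peer never negotiated".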