Accessing Standalone Wink3 Server from XP Workstations

  • Thread starter Thread starter CHANGING FAIL OVER CLUSTER TO NLB
  • Start date Start date
C

CHANGING FAIL OVER CLUSTER TO NLB

Hello:

Situation:
-----------
--All standalone servers and no Active Directory.
--Win2k3 server. Has a test web page.
--Applied IPSec policy on the local Win2k server first by creating an ip
filter limiting access to "Require Security" for all the XP workstations
coming from a certain network.
--There is a seperate standalone sub-CA server which issues certificates.
--The Win2k3 Server which has a test web page and which has a "Require
Security" policy implemented has a Certificate (IPSec) installed on the
Computer Account.
--XP client workstation which has NO Certificate installed tries to access
the test page from the subnet mentioned in the IP filter and which has
Require Security option and it can access that page successfully without any
problem.

My questions are as follows:
--------------------------------

1. Do we really need to implement IPSec policy at the client level as well
which means that we need to distribute or issue Certificates (IPSec) with
"Require Security" option at the client side as well?

2. Is there any way without having to implement IPSec policy at the client
workstation to completely block access to the above mentioned Win2k3 server
where IPSec policy is implemented (web page or accessing file share etc)?

I will certainly appreciate your input on this. Thanks.

Victor
 
Sorry, this newsgroup is for questions about security in Access, the
database product that's part of Office Professional.

You'd be best off reposting your question to a more appropriate newsgroup.

--
Doug Steele, Microsoft Access MVP

(no private e-mails, please)


"CHANGING FAIL OVER CLUSTER TO NLB"
 
Oops.....thanks for the pointer.

Victor

Douglas J. Steele said:
Sorry, this newsgroup is for questions about security in Access, the
database product that's part of Office Professional.

You'd be best off reposting your question to a more appropriate newsgroup.

--
Doug Steele, Microsoft Access MVP

(no private e-mails, please)


"CHANGING FAIL OVER CLUSTER TO NLB"
 
Back
Top