IPSEC Filter


Stephen

Set up an IP filter to block incoming traffic and allow
outgoing traffic and allow traffic for proxy and DNS. The
filter starts blocking incoming traffic as it should. Then
the user cannot browse the Internet. Unchecking the Incoming rule
allows the user to browse the Internet. Rechecking the Incoming rule
still allows the user to browse the Internet, until a reboot.
Has anyone experienced this?
 
IPsec filters [versus IP filtering] should not be reset by a reboot. Make sure to
unassign a policy to modify it and then assign it when done. You can use netdiag from
the support tools to view your current IPsec filter via "netdiag /test:ipsec /v". I
would concentrate more on having the correct filter rules in the first place. DNS
would require a mirrored rule to permit outbound to port 53 UDP from my IP, from any
port, to any IP [or your ISP DNS servers].

--- Steve
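The mirrored DNS rule described in the reply above, as an added example that is not part of the original thread: a simplified Python model of stateless filter matching, not Windows' own implementation. It assumes the most specific matching filter wins and that unmatched traffic is permitted; the addresses, ports and function names are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

ANY = None            # wildcard for any address, protocol or port
ME = "192.0.2.10"     # constructed local address (documentation range)

@dataclass(frozen=True)
class Filter:
    src: Optional[str]
    dst: Optional[str]
    proto: Optional[str]
    sport: Optional[int]
    dport: Optional[int]
    action: str
    mirrored: bool = False

    def fields(self):
        return (self.src, self.dst, self.proto, self.sport, self.dport)

    def expand(self):
        """Yield the filter and, if mirrored, its copy with both ends swapped."""
        yield self
        if self.mirrored:
            yield Filter(self.dst, self.src, self.proto,
                         self.dport, self.sport, self.action)

def decide(filters, packet, default="permit"):
    """packet = (src, dst, proto, sport, dport); the most specific match wins."""
    best = None
    for rule in filters:
        for f in rule.expand():
            if all(w is ANY or w == g for w, g in zip(f.fields(), packet)):
                weight = sum(v is not ANY for v in f.fields())
                if best is None or weight > best[0]:
                    best = (weight, f.action)
    return best[1] if best else default

def build_policy(dns_mirrored):
    return [
        Filter(ANY, ME, ANY, ANY, ANY, "block"),    # block incoming
        Filter(ME, ANY, ANY, ANY, ANY, "permit"),   # allow outgoing
        Filter(ME, ANY, "udp", ANY, 53, "permit", mirrored=dns_mirrored),
    ]

# Constructed sample packets.
DNS_QUERY = (ME, "198.51.100.53", "udp", 40000, 53)
DNS_REPLY = ("198.51.100.53", ME, "udp", 53, 40000)
WEB_REPLY = ("203.0.113.80", ME, "tcp", 80, 40001)
```

In this model the DNS reply is permitted only when the port 53 rule is mirrored, and the web reply is blocked because the filters keep no connection state and nothing more specific than the incoming block matches it.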
 