M
Michael A. Covington
Greetings,
I am using Microsoft IP Security Policy (on a Windows 2003 server) to drop
unwanted TCP packets like a firewall, as described here:
http://www.microsoft.com/technet/itsolutions/network/security/ipsecld.mspx
My problem is that one of my servers is hosting a VPN (through RRAS), and no
matter what I do, I can't find a setting (other than "allow everything")
that makes the VPN usable.
I tried the following filter set:
Port 1723 protocol TCP from any IP address to my IP address
Port ANY protocol 47 from any IP address to my IP address
Filter action: Permit
That didn't work. Nor did using UDP port 47 in place of any port protocol
47.
What are the correct settings? My server hosts the VPN by means of 2
network cards; am I maybe applying the settings to the wrong card?
The settings applied to all the other port numbers (to permit HTTP, FTP,
etc., and block other things) are working as advertised.
Many thanks!
I am using Microsoft IP Security Policy (on a Windows 2003 server) to drop
unwanted TCP packets like a firewall, as described here:
http://www.microsoft.com/technet/itsolutions/network/security/ipsecld.mspx
My problem is that one of my servers is hosting a VPN (through RRAS), and no
matter what I do, I can't find a setting (other than "allow everything")
that makes the VPN usable.
I tried the following filter set:
Port 1723 protocol TCP from any IP address to my IP address
Port ANY protocol 47 from any IP address to my IP address
Filter action: Permit
That didn't work. Nor did using UDP port 47 in place of any port protocol
47.
What are the correct settings? My server hosts the VPN by means of 2
network cards; am I maybe applying the settings to the wrong card?
The settings applied to all the other port numbers (to permit HTTP, FTP,
etc., and block other things) are working as advertised.
Many thanks!