IPSec between Windows XP/2003 and Windows 7/2008 R2

-

i see lot of posts how people not able ipsec working between windows xp/2003 , windows 7/2008 r2 computers, don't see solutions.

has been able working?  if so, how?

i have same exact ipsec polices applied xp , windows 7 computers.  when try access xp comptuer windows 7 computer, works fine.  when try access windows 7 computer xp computer, doesn't.  see traffic getting windows 7 computer, being dropped.  firewalls disabled , ipsec policy set "request".  default windows 2003/xp "request" security being used.  windows 7/2008 r2 computers can communicate each other without problems, xp/2003 cannot communicate each other or with windows 7/2008 computers, shows security association has been negotiated , exists using ipsec monitor tool.  if disable ipsec server or apply customized "permit all" unecrypted policy windows xp/2003 computers, can communicate normally.

there has difference between xp/2003 , 7/2008, cannot find information different , how adjust settings make them compatible.

any appreciated.

hi slindley,

 

thanks posting here.

 

could discuss how did disable firewall windows7/2008 hosts? actually, should not disable since need supporting ipsec communication.

you may start form articles below first:

 

security rules windows firewall , ipsec-based connections in windows vista , in windows server 2008

http://support.microsoft.com/kb/942957

 

overview of ipsec rules in windows firewall advanced security

http://blogs.technet.com/b/networking/archive/2008/06/25/overview-of-ipsec-rules-in-windows-firewall-with-advanced-security.aspx

 

thanks.

 

tiger li

 

technet subscriber support in forum

if have feedback on our support, please contact tngfb@microsoft.com

please remember click “mark answer” on post helps you, , click “unmark answer” if marked post not answer question. can beneficial other community members reading thread.


Windows Server  >  Security



Comments

Post a Comment

Popular posts from this blog

WIMMount (HSM) causing cluster storage to go redirected (2012r2 DC)

-
looking options resolve error , prevent in future. thanks help. hardware: 2 node dell hv cluster running2012r2 dc 8 nic/ea in multiplex mode 4x hyper-v 4x hosts storage: 2x synology nas, accessed through iscsi hosts , cluster relevant logs: log name:      microsoft-windows-failoverclustering/diagnostic source:        microsoft-windows-failoverclustering date:          event id:      2050 task category: none level:         warning keywords:       user:          system computer:      l description: [dcm] filter wimmount found @ unsafe altitude 180700 log name:      system source:        microsoft-windows-failoverclustering date:         event id:      5125 task category: cluster shared volume level:         warning keywords:       user:          system computer: description: cluster shared volume 'volume1' ('cluster disk 1') has identified 1 or more active filter drivers on device stack interfere csv operatio
Read more

Failed to delete the test record dcdiag-test-record in zone test.com

-
ps c:\users\administrator.test> dcdiag /test:dns directory server diagnosis performing initial setup:    trying find home server...    home server = dc02    * identified ad forest.    done gathering initial info. doing initial required tests    testing server: default-first-site-name\dc02       starting test: connectivity          ......................... dc02 passed test connectivity doing primary tests    testing server: default-first-site-name\dc02       starting test: dns          dns tests running , not hung. please wait few minutes...          ......................... dc02 passed test dns    running partition tests on : forestdnszones    running partition tests on : domaindnszones    running partition tests on : schema    running partition tests on : configuration    running partition tests on : test    running enterprise tests on : test.com       starting test: dns          test results domain
Read more

Azure MFA with Azure AD and RDS

-
i have setup following lab in azure , need help. a server (domain controller) , remote desktop services. and server multi factor authentication server. i have setup following one http://www.rdsgurus.com/uncategorized/step-by-step-using-windows-server-2012-r2-rd-gateway-with-azure-multifactor-authentication/ and when im connecting got following error. the user "domain\username", on client computer "xxx.xxx.xxx.xxx", did not meet connection authorization policy requirements , therefore not authorized access rd gateway server. authentication method used was: "ntlm" , connection protocol used: "rpc-http". following error occurred: "23003". also on security log i've got following authentication details: connection request policy name: ts gateway authorization policy network policy name: - authentication provider: radius proxy authentication server: test.test.local authentication type: - eap t
Read more