Everything You Always Wanted To Know About The Soft SA, But…

====================== DISCLAIMER ====================This posting is provided “AS IS” with no warranties, and confers no rights.==================================================== What Is a “Soft” SA? A soft SA is one in which the Negotiate security filter action is enabled, but there is no authentication or encryption being performed because the computer with which communication occurs is not running IPSec. This…

3

What the Heck is the “Default Response Rule”?

====================== DISCLAIMER ====================This posting is provided “AS IS” with no warranties, and confers no rights.==================================================== The default response rule is used to ensure that the peer computer responds to requests for secure communication. If the active policy does not have a rule defined for a computer that is requesting secure communication, then the default response…

1

New IPsec Documentation Available

====================== DISCLAIMER ====================This posting is provided “AS IS” with no warranties, and confers no rights.==================================================== Managing Intra-Windows Compatibility for IPsecThis paper includes information about managing intra-Windows compatibility among the IPsec-compatible Windows operating systems. This paper also includes information on regulatory compliance, Windows-based IPsec tools, and best practices. This paper is intended for IT professionals in…

0

Changes In IPsec in Windows 2003 SP1

====================== DISCLAIMER ====================This posting is provided “AS IS” with no warranties, and confers no rights.==================================================== The long and the short of it are that there aren’t any changes in IPsec that affect configuration. The (see, Changes to Functionality in Microsoft Windows Server 2003 Service Pack 1) book of SP1 doesn’t have any entries specifically for…

0

Does IPsec Do ‘Stateful’ Filtering?

====================== DISCLAIMER ====================This posting is provided “AS IS” with no warranties, and confers no rights.==================================================== What Is ‘Stateful’ Filtering?Stateful filtering is the type of packet filtering that firewalls do where the firewall records certain details from packets leaving the protected network and then compare any returning packets destined for the original sender of the packets….

0

IPsec and Certificate Authentication

====================== DISCLAIMER ====================This posting is provided “AS IS” with no warranties, and confers no rights.==================================================== There is some confusion over what role certificates have in IPsec. Some are thinking that the certificates are being used to encrypt the IPsec traffic – but this is not true. PKI certificates can be used to authenticate IPsec peers…

0

IPsec And…? – Using IPsec With Other Encryption Methods

====================== DISCLAIMER ====================This posting is provided “AS IS” with no warranties, and confers no rights.==================================================== The question is “What combinations of security protocols can be used with IPsec and which ones cannot?” It’s a fair questions and reasonable given that your IT environments can be rather heterogeneous and use PKI, PGP, IPsec, SSL, and WKWE…

0

The Difference Between IPsec and Firewalls

====================== DISCLAIMER ====================This posting is provided “AS IS” with no warranties, and confers no rights.==================================================== At first glance (and second glance too) IPsec and firewalls seem to fulfill the same technological niche, or at least significantly overlapping niches. Indeed this impression is partially true and caused some confusion as we battle to understand the subtleties…

0

NAT-T Overcomes NAT and IPsec Problems

====================== DISCLAIMER ====================This posting is provided “AS IS” with no warranties, and confers no rights.==================================================== The last post talked about how NAT and IPsec don’t work well together. There is a solution, however, in NAT Traversal or NAT-T. Basically, NAT-T (IETF RFC 3947 and 3948) detects the presence of any NAT devices between two hosts,…

1

Why NAT and IPsec Don’t Like Each Other [Updated 4.29.2005]

====================== DISCLAIMER ====================This posting is provided “AS IS” with no warranties, and confers no rights.==================================================== If you have ever ready articles on IPsec or NAT (Network Address Translators) and heard that IPsec can’t be used with NAT but were never told specifically why, then this post is for you. Why NAT is A Problem for…

1