Windows IPSec and Firewall
http://technet.microsoft.com/en-us/network/bb531150
The following are not used:
- Quickmode Policies not available.
- Generic Mainmode Filters not available.
- Specific Mainmode Filters not available.
- IPsec MainMode Security Associations not available.
- IPsec QuickMode Security Associations not available.
The QuickMode Filters are the active filters. They are listed three different ways:
- Quick Mode Filters(Transport): Generic
  - These don't specify an address
- Quick Mode Filters(Transport): Specific Outbound
  - These specify an outbound source address
- Quick Mode Filters(Transport): Specific Inbound
  - These specify an inbound destination address
To get a list of all the rules:
netsh ipsec dynamic show all
Advanced Firewall
To open Windows Firewall from the command line:
wf.msc
netsh advfirewall firewall show rule name=all profile=any type=dynamic verbose
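An added example (not part of the original notes): a Python check that reads saved output of the `netsh advfirewall firewall show rule` command above and lists enabled inbound allow rules on the NetBIOS and RDP ports whose RemoteIP is still Any. The port watch list, the sample rule names and the addresses are constructed, and English-locale field labels are assumed.

```python
import re

# Ports behind the NetBIOS and RDP restrictions in these notes (assumed watch list).
WATCHED_PORTS = {"137", "138", "139", "3389"}

def parse_rules(text):
    """Split 'show rule' output into one dict per rule, keyed by field label."""
    rules = []
    for line in text.splitlines():
        m = re.match(r"([^:]+):\s*(.*)$", line)
        if not m:
            continue  # dashed separators, blank lines, trailing "Ok."
        key, value = m.group(1).strip(), m.group(2).strip()
        if key == "Rule Name":
            rules.append({})  # every rule starts with its name
        if rules:
            rules[-1][key] = value
    return rules

def ports_of(spec):
    """Expand a LocalPort value such as '137-139,3389' into a set of strings."""
    ports = set()
    for part in (p.strip() for p in spec.split(",")):
        if re.fullmatch(r"\d+-\d+", part):
            lo, hi = map(int, part.split("-"))
            ports.update(str(n) for n in range(lo, hi + 1))
        else:
            ports.add(part)
    return ports

def unrestricted_inbound(rules):
    """Enabled inbound allow rules on watched ports with RemoteIP left at Any."""
    hits = []
    for r in rules:
        ports = ports_of(r.get("LocalPort", ""))  # ICMP rules have no LocalPort
        if (r.get("Enabled") == "Yes" and r.get("Direction") == "In"
                and r.get("Action") == "Allow" and r.get("RemoteIP") == "Any"
                and ("Any" in ports or ports & WATCHED_PORTS)):
            hits.append(r["Rule Name"])
    return hits

# Constructed sample, abbreviated to the fields the check reads.
RULE_FMT = ("Rule Name: {}\n------\nEnabled: Yes\nDirection: In\n"
            "RemoteIP: {}\nLocalPort: {}\nAction: Allow\n\n")
SAMPLE = (RULE_FMT.format("RDP campus only", "192.0.2.0/24", "3389")
          + RULE_FMT.format("NetBIOS open", "Any", "137-139")
          + RULE_FMT.format("Web", "Any", "80") + "Ok.\n")

if __name__ == "__main__":
    print(unrestricted_inbound(parse_rules(SAMPLE)))
```

On a real host, redirect the netsh command's output to a text file and pass the file's contents to `parse_rules`.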
Windows Adv Firewall GPO
- Disable user configuration
- Enable Adv firewall for Domains
- Turn off rule merging (both) and notifications
WMI p.43 (?)
Firewall notes
ipsec
AOE Domain Controller IPSEC Policy = AOE Domain servers
aoe ipsec netbios-rdp = AOE_netbios_rdp_restricted = AOE computers
licenseserver IPSec = AOE Campus Only
Printers IPSec = AOE Campus Only = printers
Restrict Netbios = Restrict NetBios = all AOE computers
Restrict SunRPC = linut_sunrpc = not used
Temp_AOE_enable_remote_desktop = remote-desktop-ipsec-encryption
Firewall exceptions for NX3, AS4.1 and Xwin7 (netrider) = disabled
ADV
AOE Firewall Settings
AOE DNS Servers campus only ??
Turn on Windows Firewall
Firewall - not selected
Set Windows XP SP2 firewall