[prev in list] [next in list] [prev in thread] [next in thread] 

List:       focus-ms
Subject:    RE: Setting up IPSEC with servers in and out of a domain
From:       "Serge Vondandamo" <serge.vondandamo () wanadoo ! fr>
Date:       2007-11-20 5:32:19
Message-ID: 20071120053222.7DFCF700008B () mwinf2503 ! orange ! fr
[Download RAW message or body]

Marty,

That is doable.
The conditions are that you will have to open the IPSEC ports on FWs on both
side of the communication channel.

IKE on UDP 500, IP 50 or IP 51 depending on either you are using AH or ESP
on the FWs at each side of the communication link.

If both servers are behind NAT devices the only ports you'll need will be
UDP 500 (IKE, ISAKMP) and UDP 4500 for NAT Traversal.

Be aware that Cisco IPSEC implementation will require an additional port to
be open; I think it is TCP 10000.

Cheers,
Serge Vondandamo, HND, CCNA, CISSP

-----Message d'origine-----
De : listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] De
la part de Marty
Envoyé : lundi 19 novembre 2007 19:11
À : focus-ms@securityfocus.com
Objet : Setting up IPSEC with servers in and out of a domain

Greetings list,

Has anyone had success with using IPSEC to encrypt traffic between a
server in a domain and a server not in a domain?  If not, are there
any third party solutions out there that can do this?

Thanks in advance,
Marty





[prev in list] [next in list] [prev in thread] [next in thread]