Monday, June 28, 2004

Windows 2000 Firewall

Here is a great website showing how to use Microsoft's IP Security Settings to create an effective firewall. I will be modifying the rules to include a firewall for all ingress Internet traffic and both ingress and egress traffic through a PPTP tunnel.

I had to permit TCP traffic on port 1723 for PPTP and permit Other 67 (GRE protocol). I then had to create a trusted network that allowed all traffic through.

I found this article that states the problems with using Windows IPSec as a firewall tool: http://sinbad.zhoubin.com/read.html?board=Win&num=110

This Microsoft KB article will show how to disable the vulnerability through the registry. http://support.microsoft.com/default.aspx?scid=kb;en-us;811832