walnut

Hi. I had initially created the lab simulation environment with only GPOs created at the OU levels, that is, i only have GPOs for wall-green and wall-blue. there was on GPO for wall-yellow created at the domain level initially. but the GPOs for wall-green and wall-blue would'nt would'nt take effect on the remote client logged in remotely. that was when i created GPO for wall-yellow created at the domain level In response to your tip " Then you would go to the top level and Add the GPO browsing to OU-Green and selecting GPO-Green." I am not sure if the top-level u are referring to is the OU folder? Can you elaborate abit further on the "Add GPO browsing to OU-green at the top level"? Thank you very much. Appreciate it.

Thanks for the replies. pardon me if i'm wrong. The settings available for specification of tunnel endpoints does not enable tunnel mode. I had tried to look for the setting for [tunnel/transport] setting option in the IPSEC policies but i could not find it. there is only options for the kind of algo[AH, ESP, DES, SHA1 etc... ] used for encryption and integrity. If this is true, does this mean that windows built-in IPSEC capability can only facilitate transport mode? What abt setting up a VPN for RRAS? Can a tunnel mode VPN be configured for RRAS?

Hi there I had set up a Win2003 server. I had also created new OUs branching from the Root-domain abc: abc [root domain] has GPO-yellow that specifies a yellow wallpaper - wallpaper-group [new OU] - wall-green [OU] - green-grp [group ] has GPO-green that specifies a green wallpaper - green1 - wall-blue [OU] - blue-grp [group ] has GPO-green that specifies a blue wallpaper - blue1 From a clientXP node, i have mapped a drive on the client to the Win2003server containing all 4 wallpaper files. Verified files can be opened from client. When i login as user: 1. green1 or 2. blue1 I still receive a yellow wallpaper, which is the GPO-yellow specified at the domain level. I have NOT activated the [no-override] option Question:[/color] Isn't GPO applied in the sequence [ Local -> Site -> Domain -> OU ]? Why did'nt the GPO applied at the OU level precede over the GPO applied at the domain level? This contradicts what is written in Microsoft Help and Books. Pls help

Hi there. I had set up a test lab comprising of 2 XP workstations. A router was placed in the middle, and the nodes are in different netws. I had tweaked the Local Group Policy Security settings to enable IPSEC for 1. All ip traffic 2. Any source to any destination IPSEC negotiation was successful. I tried the following traffic: 1. ICMP Ping 2. FTP file transfer I then run ethereal on a 3rd PC to sniff the traffic. Observation from ethereal captures: 1. The payload is encrypted using ESP 2. Source and Dest ip addresses are in the CLEAR. Questions: 1. If ESP mode is used, why is the source and dest ip addr still in the CLEAR? ESP mode is supposed to encrypted the original ip header, and replace with a new header. 2. Are there any configuration options for windows built-in IPSEC? Eg. AH or ESP? Title edited -- Please, use [TAGS] in your topic's title. Please follow XP Forum Rules from now on. --Sonic