walnut
Content Type
Profiles
Forums
Events
Posts posted by walnut
-
-
Thanks for the replies.
pardon me if i'm wrong. The settings available for specification of tunnel endpoints does not enable tunnel mode.
I had tried to look for the setting for [tunnel/transport] setting option in the IPSEC policies but i could not find it.
there is only options for the kind of algo[AH, ESP, DES, SHA1 etc... ] used for encryption and integrity.
If this is true, does this mean that windows built-in IPSEC capability can only facilitate transport mode?
What abt setting up a VPN for RRAS?
Can a tunnel mode VPN be configured for RRAS?
0 -
Hi there
I had set up a Win2003 server.
I had also created new OUs branching from the Root-domain abc:
abc [root domain] has GPO-yellow that specifies a yellow wallpaper
- wallpaper-group [new OU]
- wall-green [OU]
- green-grp [group ] has GPO-green that specifies a green wallpaper
- wall-blue [OU]
- blue-grp [group ] has GPO-green that specifies a blue wallpaper
From a clientXP node, i have mapped a drive on the client to the Win2003server containing all 4 wallpaper files. Verified files can be opened from client.
When i login as user:
1. green1 or
2. blue1
I still receive a yellow wallpaper, which is the GPO-yellow specified at the domain level.
I have NOT activated the [no-override] option
Question:[/color]
Isn't GPO applied in the sequence [ Local -> Site -> Domain -> OU ]?
Why did'nt the GPO applied at the OU level precede over the GPO applied at the domain level?
This contradicts what is written in Microsoft Help and Books.
Pls help
0 -
Hi there.
I had set up a test lab comprising of 2 XP workstations.
A router was placed in the middle, and the nodes are in different netws.
I had tweaked the Local Group Policy Security settings to enable IPSEC for
1. All ip traffic
2. Any source to any destination
IPSEC negotiation was successful.
I tried the following traffic:
1. ICMP Ping
2. FTP file transfer
I then run ethereal on a 3rd PC to sniff the traffic.
Observation from ethereal captures:
1. The payload is encrypted using ESP
2. Source and Dest ip addresses are in the CLEAR.
Questions:
1. If ESP mode is used, why is the source and dest ip addr still in the CLEAR? ESP mode is supposed to encrypted the original ip header, and replace with a new header.
2. Are there any configuration options for windows built-in IPSEC? Eg. AH or ESP?
Title edited -- Please, use [TAGS] in your topic's title.
Please follow XP Forum Rules from now on.
--Sonic
0
Group Policy Object can't work in OU-level?
in Windows 2000/2003/NT4
Posted
Hi.
I had initially created the lab simulation environment with only GPOs created at the OU levels, that is, i only have GPOs for wall-green and wall-blue. there was on GPO for wall-yellow created at the domain level initially.
but
the GPOs for wall-green and wall-blue would'nt would'nt take effect on the remote client logged in remotely.
that was when i created GPO for wall-yellow created at the domain level
In response to your tip " Then you would go to the top level and Add the GPO browsing to OU-Green and selecting GPO-Green."
I am not sure if the top-level u are referring to is the OU folder?
Can you elaborate abit further on the "Add GPO browsing to OU-green at the top level"?
Thank you very much.
Appreciate it.