How to Implement IPSec between a client and a Server in VMware Workstation 10?

deathinmyvein

Hi all,

This is my first post. I need help in implementing IPSec.

The Scenario is as follows

I have VMware Workstation 10 installed.
I have Win server 2008 R2 installed in VMWare
I have Windows XP SP3 installed in VMWare

I want to implement and test a IPSec policy in R2.

What I have tried is to define a Preshared string for Port no.21 where my FTP is hosted.
I could not get it working.

My General requirement iis to implement and IPSec policy.

I was trying to do communication through a port using IPSec between Win XP Client and Win Server 2008 R2.

Please suggest how to go about it. Any help is highly apreciated.

Thanks and Regards

Asif Dasl

Hello & welcome to TE!

Is your networking set to Bridged mode for both VMs? It defaults to NAT which is probably what is causing you problems.

Here's a youtube video how to configure it - save me from writing it out!
http://www.youtube.com/watch?v=WubgXINuTmo

HTH.

deathinmyvein

#Thanks a TON for the video. Spot on. Was very clearly explained. Thanks again.:):)

Thanks for the reply.
I have tried both bridging and NAT.

I have assigned static IP and put it in NAT. They are Pinging fine.

Also, I have enabled DHCP server with reservations. The assigned IP is in same network and pinging works fine but FTP is not working.

Any help or links to step by step procedure will be highly helpful.

Any suggestion on any other ways to implement an IPSec policy?

Thanks and regards

deathinmyvein

Another quick doubt. If you could help out.
I was trying to deny access to all removable storage of my client through Group Policy Mgmt.
But my client is Windows XP and policy requires at least Win Vista. Is there a workaround for this compatibility issue. I have not yet figured it out.
Please help. Any options that can be set to make XP take this policy?

Asif Dasl

Have a look of this, it should help you out...

Best Practice: How to use Group Policy to disable USB drives on Windows XP

deathinmyvein

Hello friends,

Is it possible to create an IPSec policy where in only clients with IPSec can connect to the server and non IPSec Clients won't be able to connect??

Situation.

---

I have a lab environment where One machine is my Server(R2) and two other machines are client running XP.

Requirement is to create an IPSec on Server and grant access to one client and restrict access to other client which is not having IPSec?

Also, I have an FTP site hosted on server port no.21

I want to define IPSec for communication from any IP to Server IP port no.21.
Currently both my XP clients are part of same domain and have access to ftp.
I defined one IPSec policy between Any IP to Server IP port 21 but my Non IPSec Client still have access, how to restrict this?

General requirement is to Restrict access of client to server if IPsec is not implemented and grant access only if IPSec is present.

Kindly help.

Thanks and regards

Asif Dasl

I think you are talking about NAP (Network Access Protection) & IPSec. Have a look at these step-by-step guides I think they should help. Compliant clients should get access through IPSec, whereas non-compliant clients should be refused access - I have not set this up myself however but I'm pretty sure this is what you are talking about.

Windows Server 2008 - NAP IPsec, DHCP and 802.1x Updated Guides - Keith Combs' Blahg - Site Home - TechNet Blogs