
Questions about using IPsec across domains

microsoft.public.windows.server.security
Posted by Adam Sandler on February 25, 2008, 5:47 pm
Hello,

I have a small network of W2K3 servers and XP clients. We're
physically separated from the main office and we need the local domain
to see the remote domain.

The folks on the other end put all their traffic into IPsec. I'm new
to some of this but apparently what they are doing is all traffic is
eventually port 88. And vulnerable ports, such as 139 for example,
make it through the firewall because even though it's port 139
traffic, it appears as port 88.

The reason for the cross domain connection is there is a service on
our end, which is going to reach out to one of the other domain's
servers, and move files from a folder on their server to a folder on
one of our hosts. Yes, there are probably other ways to do this, like
FTP for example, but it is what it is... For a number of reasons which
are way beyond the scope of this post we are constrained by what we
already have.

When discussing how to connect the domains, the distant end asked me
if we are using any Windows XP clients. We replied yes as the service
to move the files from the distant folder to the local folder resides
on one of the XP clients. The distant end then told me I'd have to
move the service to one of the W2K3 boxes as the IPsec on Windows XP
cannot handle what we are asking for.

The conversation for the moment kinda died there. My questions to the
forum are: what is different in Windows XP from 2000, Server, or
Vista? Is there a way around this limitation? I've seen articles
about modifying NoDefaultExempt in
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPSEC. Or does
that fix even apply for what I'm talking about?

Any insight, suggestions, or tech data is greatly appreciated.

Thanks!
