The Sky is not the limit

How to use IPSEC to filter packets ?

January 5, 2009 · 1 Comment


Internet Protocol security (IPsec) policies can be used to filter packets coming into or going out of a server without any firewall product involved. This is done easily with the netsh ipsec static context (available on Windows XP SP2, Windows Server 2003 and later).

First we need a 'filterlist', which is a group of 'filter's. Each filter describes traffic by source address, destination address, protocol and port. A 'filteraction' says what to do with matching traffic: permit it, block it, or negotiate IPsec security for it.

A 'policy' is the IPsec policy the computer runs under, and a 'rule' is what links a filterlist to a filteraction inside that policy. So the rule makes the action specified in the filteraction apply to every packet that matches a filter in the filterlist. A policy does nothing until it is assigned, and only one IPsec policy can be assigned on a computer at a time; a policy pushed by domain Group Policy takes precedence over a local one.

Suppose I want to block all connections from the IP address 192.168.192.100. I will go like this.

1. Launch the command prompt (Start >> run >> cmd)

2. Add the filterlist.

C:\Documents and Settings\Administrator> netsh ipsec static add filterlist name=myfilterlist

3. Add filteraction

C:\Documents and Settings\Administrator> netsh ipsec static add filteraction name=myaction action=block

4. Add filter. 'Me' stands for the addresses of this computer, and 'Any' would match every address. Filters are mirrored by default, so this single filter also matches the reverse direction (from Me to 192.168.192.100); add mirrored=no if only inbound traffic should match.

C:\Documents and Settings\Administrator> netsh ipsec static add filter filterlist=myfilterlist srcaddr=192.168.192.100 dstaddr=Me

5. Add policy. assign=yes makes it the active policy immediately, which unassigns any other local policy that was assigned before.

C:\Documents and Settings\Administrator> netsh ipsec static add policy name=mypolicy assign=yes

6. Add rule

C:\Documents and Settings\Administrator> netsh ipsec static add rule name=myrule policy=mypolicy filterlist=myfilterlist filteraction=myaction

Now all connections from or to IP 192.168.192.100 are blocked (both directions, because the filter is mirrored). Two caveats: the IPsec Policy Agent service must be running or the policy is never applied, and on Windows 2000 and Windows XP certain traffic (Kerberos, RSVP, broadcast and multicast) is exempt from IPsec filtering by default, controlled by the NoDefaultExempt registry value under the IPSEC service key, so check that the traffic you mean to block is actually covered.
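The same six steps wrapped in PowerShell, as an added example that is not part of the original post: the function runs each netsh ipsec static command, stops on the first failure, checks that the Policy Agent service is up, confirms the policy really is the assigned one, and can undo everything. The policy, filterlist, filteraction and rule names and the blocked address are the post's own example values; the function names are mine. Run it from an elevated prompt.

```powershell
# Added example (not from the original post). Wraps the netsh ipsec static
# steps in reusable functions. Names such as mypolicy/myfilterlist are the
# post's example names; Invoke-Netsh, New-IpsecBlockPolicy, Test-IpsecBlockPolicy
# and Remove-IpsecBlockPolicy are helper names chosen here.

function Invoke-Netsh {
    # Runs one 'netsh ipsec static ...' command and throws on a non-zero exit code,
    # so a typo in an earlier step cannot leave a half-built policy assigned.
    param([string[]]$Arguments)
    $out = & netsh ipsec static @Arguments 2>&1
    if ($LASTEXITCODE -ne 0) {
        throw "netsh ipsec static $($Arguments -join ' ') failed: $out"
    }
    $out
}

function New-IpsecBlockPolicy {
    param(
        [Parameter(Mandatory = $true)][string[]]$BlockedAddress,  # one filter per host
        [string]$PolicyName = 'mypolicy',
        [string]$ListName   = 'myfilterlist',
        [string]$ActionName = 'myaction',
        [string]$RuleName   = 'myrule',
        [switch]$InboundOnly                                      # mirrored=no
    )
    # The IPsec Policy Agent service is what applies static policies; without it
    # the commands succeed but nothing is filtered.
    if ((Get-Service -Name PolicyAgent).Status -ne 'Running') {
        Start-Service -Name PolicyAgent
    }

    Invoke-Netsh @('add', 'filterlist', "name=$ListName")
    Invoke-Netsh @('add', 'filteraction', "name=$ActionName", 'action=block')

    # mirrored=yes (the netsh default) also matches traffic from Me to the host.
    $mirror = if ($InboundOnly) { 'mirrored=no' } else { 'mirrored=yes' }
    foreach ($ip in $BlockedAddress) {
        Invoke-Netsh @('add', 'filter', "filterlist=$ListName",
                       "srcaddr=$ip", 'dstaddr=Me', 'protocol=ANY', $mirror)
    }

    # Only one IPsec policy can be assigned at a time; assign=yes displaces
    # whatever local policy was assigned before.
    Invoke-Netsh @('add', 'policy', "name=$PolicyName", 'assign=yes')
    Invoke-Netsh @('add', 'rule', "name=$RuleName", "policy=$PolicyName",
                   "filterlist=$ListName", "filteraction=$ActionName")
}

function Test-IpsecBlockPolicy {
    # Returns $true when 'show policy' reports the policy as assigned.
    param([string]$PolicyName = 'mypolicy')
    $text = Invoke-Netsh @('show', 'policy', "name=$PolicyName") | Out-String
    return [bool]($text -match 'Assigned\s*:\s*YES')
}

function Remove-IpsecBlockPolicy {
    # Unassigns and deletes the policy (its rules go with it), then the
    # filterlist and filteraction it referenced.
    param(
        [string]$PolicyName = 'mypolicy',
        [string]$ListName   = 'myfilterlist',
        [string]$ActionName = 'myaction'
    )
    Invoke-Netsh @('set', 'policy', "name=$PolicyName", 'assign=no')
    Invoke-Netsh @('delete', 'policy', "name=$PolicyName")
    Invoke-Netsh @('delete', 'filterlist', "name=$ListName")
    Invoke-Netsh @('delete', 'filteraction', "name=$ActionName")
}

# Usage: block the host from the post, confirm the policy is active, and
# (after testing with ping or a TCP connect) remove it again.
New-IpsecBlockPolicy -BlockedAddress '192.168.192.100'
if (-not (Test-IpsecBlockPolicy)) { throw 'IPsec policy is not assigned' }
# Remove-IpsecBlockPolicy
```

The only state that matters for enforcement is the assigned policy plus a running Policy Agent, which is why the function checks both rather than trusting that the netsh commands returned without error. Because the filter is mirrored, the same host can no longer be reached from the server either; pass -InboundOnly if the server must still initiate connections to it.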

Alternatively all of this can be configured through the graphical interface: log in to the server, open the Local Security Settings console (Start >> Run >> secpol.msc) and use the IP Security Policies on Local Computer node.

Categories: Windows