How to use IPSec to filter packets?
Internet Protocol security (IPSec) can be used to filter packets coming to or going from the server, without any encryption or authentication involved: a filter simply matches traffic and a filter action says what to do with it. On Windows XP / Server 2003 this is easily done from the command line with the Netsh IPSec tools (netsh ipsec static ...).
The objects involved are:
- a 'filterlist', which groups one or more 'filter's. Each filter describes traffic by source address, destination address, protocol and ports. By default a filter is mirrored, so it matches the reply direction as well.
- a 'filteraction', which says what happens to matching traffic: permit, block, or negotiate security.
- a 'policy', the IPSec policy that holds the rules. Only one policy can be assigned (active) on a computer at a time, and nothing takes effect until the policy is assigned.
- a 'rule', which belongs to a policy and ties a filterlist to a filteraction. The result is that the action specified in the filteraction is applied to all traffic matching the filters in the filterlist.
Suppose I want to block all connections from IP 192.168.192.100. The steps are:
1. Launch the command prompt (Start >> Run >> cmd).
2. Add the filterlist.
C:\Documents and Settings\Administrator> netsh ipsec static add filterlist name=myfilterlist
3. Add the filteraction (here a plain block; permit is the other common choice).
C:\Documents and Settings\Administrator> netsh ipsec static add filteraction name=myaction action=block
4. Add the filter to the filterlist. dstaddr=Me means this computer's own addresses; mirrored=yes is the default, so the reverse direction is matched too.
C:\Documents and Settings\Administrator> netsh ipsec static add filter filterlist=myfilterlist srcaddr=192.168.192.100 dstaddr=Me
5. Add the policy and assign it. assign=yes makes it the active policy on this computer.
C:\Documents and Settings\Administrator> netsh ipsec static add policy name=mypolicy assign=yes
6. Add the rule that joins the filterlist and the filteraction inside the policy.
C:\Documents and Settings\Administrator> netsh ipsec static add rule name=myrule policy=mypolicy filterlist=myfilterlist filteraction=myaction
Now all connections from and to IP 192.168.192.100 are blocked (both directions, because the filter is mirrored). Two things to check before relying on this: the IPSEC Services (Policy Agent) service must be running, and since the policy is already assigned in step 5, the block starts the moment the rule is added in step 6. If you are administering the server remotely, make sure the address you block is not the one you are connected from, or you will cut off your own session. You can confirm what is active with netsh ipsec static show all.
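The same procedure as one script, as an added example that is not part of the original post. It goes a little beyond the single-host case above: it blocks one host completely, blocks a whole subnet on TCP/445 only, and explicitly permits an admin workstation so the policy cannot lock out the RDP session it is run from. The policy is built unassigned and only assigned once every rule is in place, and running the script with the argument undo removes everything again. The names (blockpolicy, blocked-hosts, admin-hosts, fa-block, fa-permit) and all addresses are assumptions chosen for illustration.

```batch
@echo off
rem Added example, not from the original post. Builds, assigns, shows and (with
rem the argument "undo") removes a local IPSec packet-filtering policy via netsh.
rem All names and addresses below are illustrative assumptions.
setlocal

set POLICY=blockpolicy
set BADHOST=192.168.192.100
set BADNET=192.168.192.0
set BADMASK=255.255.255.0
set ADMIN=192.168.192.10

if /i "%~1"=="undo" goto :undo

echo Creating filter actions...
netsh ipsec static add filteraction name=fa-block  action=block
netsh ipsec static add filteraction name=fa-permit action=permit

echo Creating filter list of traffic to block...
netsh ipsec static add filterlist name=blocked-hosts
rem Everything from/to the offending host (mirrored=yes is the default, stated here for clarity).
netsh ipsec static add filter filterlist=blocked-hosts srcaddr=%BADHOST% dstaddr=Me mirrored=yes
rem Only SMB (TCP/445) from the whole subnet; dstport is the port on this computer.
netsh ipsec static add filter filterlist=blocked-hosts srcaddr=%BADNET% srcmask=%BADMASK% dstaddr=Me protocol=TCP dstport=445

echo Creating filter list for the admin workstation...
rem The admin host sits inside BADNET. The IPSec driver applies the most specific
rem matching filter, so this single-address filter wins over the subnet filter above
rem and the permit action keeps the admin host reachable on every port.
netsh ipsec static add filterlist name=admin-hosts
netsh ipsec static add filter filterlist=admin-hosts srcaddr=%ADMIN% dstaddr=Me

echo Creating policy (unassigned until all rules exist)...
netsh ipsec static add policy name=%POLICY% assign=no
netsh ipsec static add rule name=block-rule policy=%POLICY% filterlist=blocked-hosts filteraction=fa-block
netsh ipsec static add rule name=admin-rule policy=%POLICY% filterlist=admin-hosts  filteraction=fa-permit

echo Assigning policy...
netsh ipsec static set policy name=%POLICY% assign=yes

echo Resulting configuration:
netsh ipsec static show policy name=%POLICY%
netsh ipsec static show filterlist name=blocked-hosts
netsh ipsec static show filterlist name=admin-hosts
goto :eof

:undo
echo Unassigning and deleting policy %POLICY%...
rem Unassign first; a filterlist or filteraction still referenced by a rule cannot be deleted,
rem so the policy (and its rules) goes before the objects it uses.
netsh ipsec static set policy name=%POLICY% assign=no
netsh ipsec static delete policy name=%POLICY%
netsh ipsec static delete filterlist name=blocked-hosts
netsh ipsec static delete filterlist name=admin-hosts
netsh ipsec static delete filteraction name=fa-block
netsh ipsec static delete filteraction name=fa-permit
goto :eof
```

Run it from an elevated command prompt as blockpolicy.cmd to apply and blockpolicy.cmd undo to roll back. Test the permit rule first from the admin host (for example open a new RDP session before closing the current one); the subnet block would otherwise include that workstation, which is exactly the lock-out the explicit permit filter is there to prevent.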
Alternatively, all of this can be configured through the graphical interface. Log in to the server and open the Local Security Settings console (Start >> Run >> secpol.msc); the same policies, rules, filter lists and filter actions appear under "IP Security Policies on Local Computer", and a policy created with netsh can be inspected and edited there.