Educause Security Discussion mailing list archives
Basic Practical IPSec Documentation?
From: Mike Lococo <mike.lococo () NYU EDU>
Date: Wed, 28 Oct 2009 17:22:39 -0400
Hi Folks, Is anyone aware of a good practical tutorial on implementing IPSec on windows in the trivially simple case? In particular I'm looking for something that covers: * Short introduction to IPSec concepts, not more than a page. * Short introduction to IPSec on windows concepts, again, less than a page. Here I'm looking for a high-level overview of a policy vs a filter vs an action, and any other absolutely critical windows specific concepts that would prevent you from implementing even if you more or less understand IPSec. * A couple of pages of mid-level tutorial on actually setting up a simple connection. In particular, I think the "right" connection for such a tutorial is a host-to-host filter for any protocol/port between two IP's using transport mode that requires integrity and encryption and uses IKE+PSK for authentication. This configuration allows a relative beginner to use IPSec to protect almost any kind of communication between two hosts, and doesn't require delving into certificates which more than double implementation complexity. I'm often recommending that folks use IPSec to protect some network communication that fails to implement (or properly implement) authentication, encryption, or integrity controls, and after getting enough complaints from admins that they couldn't figure out how to implement I actually went poking around for instructions on how to do this in windows. I was astounded at the excessive length and poor quality of documentation for what is not *that* complex a task. Has anyone found the diamond in the rough, or am I going to have to go digging? Thanks, Mike Lococo
Current thread:
- Basic Practical IPSec Documentation? Mike Lococo (Oct 28)
- <Possible follow-ups>
- Re: Basic Practical IPSec Documentation? Chris Green (Oct 30)
- Re: Basic Practical IPSec Documentation? Mike Lococo (Oct 30)