I'm trying to establish a set of Windows Advanced Firewall rules (client side and server side) that will restrict SMB and RDP access using IPSec. I can't get the outbound client authentication to my servers functioning.
The server side definitions work fine - I used the inbuilt 'File and Printer Sharing (SMB-In)' rule and only changed the 'Allow the connection if it is secure' option and entered a couple specific computers for testing.
When I perform the *exact* same procedure on the client using the 'File and Printer Sharing (SMB-Out)' rule, the connection fails silently. Note that these systems are both in a default deny all in both directions. If I uncheck the 'only allow connections to these computers' option it works.
Operating systems in question are Server 2008 R2 and Windows 7.
My debugging steps have included:
Checking that the main and quick mode security associations are being created as expected.
Turning on the auditpol subcategories and logging as shown at http://msdn.microsoft.com/en-us/library/windows/desktop/bb736284(v=vs.85).aspx.
It looks like I'm getting a pair - one packet drop and one blocked connection - each time I unsuccessfully try to reach a secured resource.
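The rule set and audit steps described in the post, as an added PowerShell example (not taken from the post or from Microsoft documentation), run elevated on the Windows 7 client. It assumes the rule names given below, a placeholder server computer account DOMAIN\SERVER01$ (its SID is resolved at run time), and Kerberos computer authentication within a single domain.

```powershell
# Added example: netsh equivalent of the GUI steps in the post, run elevated on the client.
# Assumptions (placeholders): server computer account DOMAIN\SERVER01$ and the rule names below.

# 1. Resolve the server's computer account to a SID; the "only allow connections to these
#    computers" list on a firewall rule is stored as an SDDL string built from such SIDs.
$acct = New-Object System.Security.Principal.NTAccount('DOMAIN\SERVER01$')
$sid  = $acct.Translate([System.Security.Principal.SecurityIdentifier]).Value
$sddl = "O:LSD:(A;;CC;;;$sid)"   # add one (A;;CC;;;<SID>) ACE per authorized computer

# 2. Connection security rule: require IPsec inbound, request it outbound, authenticated
#    with the computer's Kerberos credentials (auth1=computerkerb).
netsh advfirewall consec add rule name="IPsec-SMB-RDP (Kerberos)" `
    endpoint1=any endpoint2=any action=requireinrequestout auth1=computerkerb

# 3. Outbound SMB and RDP rules equivalent to 'Allow the connection if it is secure'
#    (security=authenticate), limited to the computers in $sddl (rmtcomputergrp).
foreach ($svc in @(@{name='SMB-Out'; port=445}, @{name='RDP-Out'; port=3389})) {
    netsh advfirewall firewall add rule name="Secured $($svc.name)" dir=out action=allow `
        protocol=TCP remoteport=$($svc.port) security=authenticate rmtcomputergrp="$sddl"
}

# 4. Audit subcategories referred to in the post, so drops, blocked connections and
#    IPsec negotiation failures are written to the Security log.
foreach ($sub in 'Filtering Platform Packet Drop', 'Filtering Platform Connection',
                 'IPsec Main Mode', 'IPsec Quick Mode') {
    auditpol /set /subcategory:"$sub" /success:enable /failure:enable
}

# 5. Check: the "packet drop / blocked connection" pair appears as events 5152 / 5157.
#    Each message carries the filter run-time ID that blocked the packet and the 5-tuple.
Get-WinEvent -FilterHashtable @{LogName='Security'; Id=5152,5157} -MaxEvents 10 |
    Select-Object TimeCreated, Id, @{n='Detail'; e={ ($_.Message -split "`n")[0..12] -join ' ' }}
```

The filter ID reported in a 5152/5157 event can be matched against the filters dumped by `netsh wfp show filters` to see which rule (or the default deny) produced the block.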