IPSec in Windows Server 2003

Introduction to IPSec in Windows Server 2003

IPSec deals with encrypting data over the network. What IPSec does is protect data against those bad people with their protocol analysers. Encryption prevents anyone who captures packets with these network monitors from reading the sensitive information inside. In my mind's eye, using IPSec is like putting one of those clear cellophane envelopes in a sealed parcel.

Attacks that you are protecting against

  • Network Monitoring – Protocol Analysers capturing data
  • Data Modification – Sending counterfeit data in your name e.g. alter the delivery address
  • Password cracking – Intruders capturing your password then logging on to your network
  • Address Spoofing – Appear to come from a different email address

IPSec Options

The best way to set IPSec is through Group Policies; alternatively, you can check through TCP/IP properties, Advanced.

IPSec is Disabled by default. Here are the other three settings:

  1. Client (Respond only) Means 'I will speak IPSec if you wish'.
  2. Server (Request Security) Means 'I would like to speak IPSec, but if you cannot comprehend IPSec then I will speak normally'.
  3. Secure Server (Require Security) Means 'I will only speak with clients who understand IPSec'.
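
To see what happens when two machines with these settings meet, here is a small model of the pairings. It is an added example, not from the original page or from Microsoft; the attribute names (requests, responds, allows_clear) and their values are assumptions derived from the three descriptions above, and it ignores filter lists, authentication failures and exempted traffic.

```python
# Simplified model (constructed for illustration) of how the IPSec
# settings described above pair up between two hosts.
from dataclasses import dataclass
from itertools import combinations_with_replacement


@dataclass(frozen=True)
class Policy:
    name: str
    requests: bool      # asks the peer to negotiate IPSec
    responds: bool      # will negotiate IPSec when asked
    allows_clear: bool  # will fall back to unsecured traffic


# Attribute values are assumptions taken from the list of settings above.
DISABLED = Policy("Disabled", False, False, True)
CLIENT = Policy("Client (Respond only)", False, True, True)
SERVER = Policy("Server (Request Security)", True, True, True)
SECURE = Policy("Secure Server (Require Security)", True, True, False)
ALL = (DISABLED, CLIENT, SERVER, SECURE)


def outcome(a: Policy, b: Policy) -> str:
    """Return 'ipsec', 'clear' or 'blocked' for traffic between two hosts."""
    # Security is negotiated when at least one side asks and both can answer.
    if (a.requests or b.requests) and a.responds and b.responds:
        return "ipsec"
    # Otherwise traffic flows unsecured only if both sides tolerate that.
    if a.allows_clear and b.allows_clear:
        return "clear"
    return "blocked"


def pairs_with(result: str) -> list:
    """List every policy pairing that ends in the given outcome."""
    return [(a.name, b.name)
            for a, b in combinations_with_replacement(ALL, 2)
            if outcome(a, b) == result]


if __name__ == "__main__":
    for a, b in combinations_with_replacement(ALL, 2):
        print(f"{a.name:34} <-> {b.name:34} {outcome(a, b)}")
    print("Readable by a protocol analyser:", pairs_with("clear"))
```

The pairings reported as 'clear' are the ones to look for when auditing: two Client (Respond only) machines never ask each other for security, so their traffic stays unencrypted.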

IPSec Modes

Transport Mode is designed to ensure that traffic between two machines is secure, for example the Financial Director and the CEO.

Tunnel Mode is to secure traffic between two networks and is particularly useful for VPN traffic where you need encryption over the internet.

The diagram on the right gives a hint that there are a surprising number of settings and properties for IPSec. In particular I recommend that you check out the filtering tabs.

Encryption Schemes

Remembering that the whole purpose is to encrypt the data leads me to check out the encryption settings.

Authentication

  • SHA – Secure Hashing Algorithm. US government 160-bit encryption
  • MD5 – Message Digest 5.  Widespread for commerce 138-bit encryption

Packet Encryption

  • 56-bit DES (Data Encryption Standard)
  • 40-bit DES (used in France)
  • 3DES (Triple 56-bit; the highest level of encryption, but it utilizes the processor significantly)
