Microsoft KB Archive/253740

From BetaArchive Wiki
< Microsoft KB Archive
Revision as of 12:52, 21 July 2020 by X010 (talk | contribs) (Text replacement - """ to """)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Article ID: 253740

Article Last Modified on 3/1/2007



APPLIES TO

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional Edition



This article was previously published under Q253740

SUMMARY

This article identifies two documentation errors in the "Predefined IPSec policies, overview" section of Windows 2000 Help and provides the correct information.

MORE INFORMATION

Predefined Policies Help Topic Documentation Error

Incorrect information in the "Predefined policies" Help topic

Secure Server (Require Security)
This is used for computers which always require secure communications. An example would be a server which transmits highly sensitive data, or a security gateway which protects the intranet from the outside. This policy rejects unsecured incoming communications, and outgoing traffic is always secured. Unsecured communication will not be allowed, even if a peer is not IPSec-enabled.

Corrected information for the "Predefined policies" Help topic

Secure Server (Require Security)
This policy is an example policy for computers on the internal network that require secure communications, such as a server that transmits highly sensitive data. This is an example policy only. Administrators must customize their own IPSec policy for production use. The filters used in this policy will require all outbound communication to be secured. This is only useful for testing. Use this policy to test with the Client (Respond Only) policy.

Predefined Filter Actions Help Topic Documentation Error

Incorrect Information in the "Predefined filter actions" Help topic

Require Security. High security. Unsecured communication will not be allowed.

Corrected Information for the "Predefined filter actions" Help topic

Require Security
High security designed to request IPSec protection for packets which match the corresponding filters. This has a setting to allow the receipt of unsecured incoming initial communication (e.g. connection request), and will cause the computer to attempt to secure both directions of traffic by requesting IPSec security with the sender of the unsecured traffic. This filter action must not be used on the Internet to avoid potential denial of service attacks.

Keywords: kbdocerr kbinfo kbipsec KB253740