screen.
How to Establish a Secure IPSec Tunnel
Step 1: Create an IPSec Policy
1. Click the Start button, select Run, and type secpol.msc in the Open field. The Local Security Setting screen will appear as shown in Figure B-1.
2. Right-click IP Security Policies on Local Computer (Win XP) or IP Security Policies on Local Machine (Win 2000), and click Create IP Security Policy.
3. Click the Next button, and then enter a name for your policy (for example, to_Router). Then, click Next.
4. Deselect the Activate the default response rule check box, and then click the Next button.
5. Click the Finish button, making sure the Edit check box is checked.
Step 2: Build Filter Lists
Filter List 1: win->Router
1. In the new policy’s properties screen, verify that the Rules tab is selected, as shown in Figure B-2. Deselect the Use Add Wizard check box, and click the Add button to create a new rule.
2. Make sure the IP Filter List tab is selected, and click the Add button. (See Figure B-3.) The IP Filter List screen should appear, as shown in Figure B-4. Enter an appropriate name, such as win->Router, for the filter list, and de-select the Use Add Wizard check box. Then, click the Add button.
NOTE: The references in this section to “win” are references to Windows 2000 and XP. Substitute the references to “Router” with “Gateway”. Also, the text on your screen may differ from the text in your instructions for “OK or Close”; click the appropriate button on your screen.
Figure C-1: Local Security Screen
Figure C-2: Rules Tab
Figure C-3: IP Filter List Tab
3. The Filters Properties screen will appear, as shown in Figure B-5. Select the Addressing tab. In the Source address field, select My IP Address. In the Destination address field, select A specific IP Subnet, and fill in the IP Address: 192.168.1.0 and Subnet mask: 255.255.255.0. (These are the Router’s default settings. If you have changed these settings, enter your new values.)
4. If you want to enter a description for your filter, click the Description tab and enter the description there.
5. Click the OK button. Then, click the OK or Close button on the IP Filter List window.
Filter List 2: Router->win
6. The New Rule Properties screen will appear, as shown in Figure B-6. Select the IP Filter List tab, and make sure that win->Router is highlighted. Then, click the Add button.
Figure C-4: IP Filter List
Figure C-5: Filters Properties
Figure C-6: New Rule Properties
7. The IP Filter List screen should appear, as shown in Figure B-7. Enter an appropriate name, such as Router->win for the filter list, and de-select the Use Add Wizard check box. Click the Add button.