O'Reilly logo

Exchange Server Cookbook by Devin L. Ganger, Missy Koslosky, Paul Robichaux

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

10.3. Enabling IPsec Between Front- and Back-End Servers

Problem

You want to protect traffic between your front- and back-end servers by using IPsec.

Solution

Using a graphical user interface

To create a new IPsec policy for HTTP, POP, and IMAP on the front-end server, do the following:

  1. Log on to the front-end server with an account that has administrative privileges.

  2. Open the Microsoft Management Console (mmc.exe).

  3. From the menu select File Add/Remove Snap-In. When the Add Standalone Snap-in dialog box appears, click the Add button.

  4. Select the group policy snap-in from the list (Group Policy Object Editor on Windows 2000, Group Policy on Windows 2003) and click the Add button.

  5. The Select Group Policy Object dialog box appears. Make sure the Group Policy Object field says Local Computer, and click Finish.

  6. Click Close and click OK to return to the management console.

  7. Expand the IPsec policy object, which is located under Local Computer Policy Computer Configuration Windows Settings Security Settings IP Security Policies on Local Computer.

  8. Right-click IP Security Policies on Local Computer and select Create IP Security Policy.

  9. When the IP Security Policy wizard appears, click Next.

  10. Give the policy a name (and, optionally, a description) and click Next.

  11. Click Next to keep the default response rule.

  12. In the Default Response Rule Authentication Method dialog box, make sure that Active Directory default (Kerberos V5 protocol) is selected and click Next.

  13. Click Finish; the properties dialog box ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required