Full Version: HOW TO: Use IPSec as a stateful firewall
DC-George
The following link takes you to a Microsoft Knowledgebase article on how to set up IPSec rules to provide a nearly bulletproof firewall:

http://www.microsoft.com/technet/itsolutio...ty/ipsecld.mspx
hjg
The following link should help in addition to DC's link, which is extremely helpful. The link given below also has a sample IPSec policy to start off with.

http://homepages.wmich.edu/~mchugha/w2kfirewall.htm
rs-45267
I followed these directions exactly and the server that I implemented this on cannot surf the net, once this policy is Assigned.
Why would this happen?

thanks,
Jim
duncangray
Hi,

After a lot of investigating and testing on my home system, I made some additions to the rules to make this firewall a bit more useful. I've opened up the ports for VNC, Terminal Services.

I've also fixed the problems with only having access one way, say not being able to view a web page from the server.

Hope it helps
duncangray
firewall without icmp packet filters.
Basa
QUOTE
Originally posted by rs-45267
I followed these directions exactly and the server that I implemented this on cannot surf the net, once this policy is Assigned.
Why would this happen?

thanks,
Jim


Does anyone have an answer to this question? The same thing happened to me. I can't seem to be able to enable web access, though I managed not to lock myself out of remote desktop (whew!).
Basa
QUOTE
Originally posted by duncangray
Hi,

After a lot of investigating and testing on my home system, I made some additions to the rules to make this firewall a bit more useful.  I've opened up the ports for VNC, Terminal Services.

I've also fixed the problems with only having access one way, say not being able to view a web page from the server.

Hope it helps


OK, can someone tell me what to do with this file once I download it?
acerola
It doesn't seem possible to mimic the behavior of Windows Firewall with IPSec.

How would I allow all outgoing connections and block all incoming connections, just like Windows Firewall does?

For example, you block all IP connections. Then, to be able to surf the web, you must "permit any port from my ip to port 80 on any ip". That is easy because the web always uses port 80. But suppose, for example, that I want to use eMule. eMule may open any local port to connect to any remote port. How do I create a rule that allows all connections from my computer but blocks all connections to my computer?
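Added example, not part of any post in this thread: a small Python model of the rule from the last post ("permit any port from my ip to port 80 on any ip") layered over block-all, showing what static filters without connection state do with replies, arbitrary outbound ports and unsolicited inbound traffic. The matching model is a simplified assumption, and the addresses, ports and names are constructed for illustration.

```python
from collections import namedtuple

# Simplified model (assumption): static filters with no connection state.
# A packet is permitted if any permit filter matches it, otherwise the
# block-all rule drops it. "mirrored" also matches the reversed tuple.
ME = "192.0.2.10"        # constructed address of the filtered server
PEER = "198.51.100.7"    # constructed remote host

Filter = namedtuple("Filter", "src sport dst dport mirrored")
Packet = namedtuple("Packet", "src sport dst dport")

def _side(addr_rule, port_rule, addr, port):
    """One endpoint of a filter: 'me'/'any' address, port 0 means any port."""
    addr_ok = addr_rule == "any" or (addr_rule == "me" and addr == ME)
    return addr_ok and port_rule in (0, port)

def matches(f, p):
    fwd = (_side(f.src, f.sport, p.src, p.sport)
           and _side(f.dst, f.dport, p.dst, p.dport))
    rev = (f.mirrored
           and _side(f.src, f.sport, p.dst, p.dport)
           and _side(f.dst, f.dport, p.src, p.sport))
    return fwd or rev

def verdict(permits, p):
    return "permit" if any(matches(f, p) for f in permits) else "block"

# Permit lists layered over block-all (names are hypothetical).
WEB_ONLY = [Filter("me", 0, "any", 80, True)]
WEB_NO_MIRROR = [Filter("me", 0, "any", 80, False)]
ALL_OUT_MIRRORED = [Filter("me", 0, "any", 0, True)]

HTTP_REQUEST = Packet(ME, 40000, PEER, 80)
HTTP_REPLY = Packet(PEER, 80, ME, 40000)
P2P_OUT = Packet(ME, 40001, PEER, 4662)         # arbitrary remote port
UNSOLICITED_IN = Packet(PEER, 50000, ME, 3389)  # nobody asked for this

if __name__ == "__main__":
    for name, rules in [("web only", WEB_ONLY), ("web, not mirrored", WEB_NO_MIRROR),
                        ("all out, mirrored", ALL_OUT_MIRRORED)]:
        for pkt in (HTTP_REQUEST, HTTP_REPLY, P2P_OUT, UNSOLICITED_IN):
            print(f"{name:18} {pkt} -> {verdict(rules, pkt)}")
```

In this model the non-mirrored web rule drops the reply, and the mirrored "all out" rule passes the unsolicited inbound packet, which is the gap between static filters and a stateful firewall that the last post asks about.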