My workstation is Windows XP Pro SP2 on a company intranet (static IP
addresses are used in AD). I want to install and use a localised WEB Server
(IIS5.1) on my workstation but I do not want it to be known to others on the
intranet which they can access. I only want access to the WEB Server for
all the other workstations I personally use for testing ASP for example.

I have tried setting IPsec filters using the procedures from Microsoft
TechNet to lock down a server for WEB server.
(see http://www.microsoft.com/technet/its...y/ipsecld.mspx)

However, after I apply the policy, it blocks all my outbound requests to the
internet through to our proxy server so something is incorrectly configured.
How can I achieve running a WEB server on my workstation whilst locking it
down but still gain outbound access to the internet? The steps I undertook
are shown below.

I would appreciate your solutions

Regards,

Tony
gangemia@usq.edu.au



1. Local Security Settings
2. Select IP Security Policies on Local Computer
3. Action > Manage IP filter lists and filter actions.
4. Add and give filter list name as "Inbound WEB Protocols" > Add
5. IP Filter Wizard appears > Next
6. Source Address: "Any IP Address" > Next
7. Destination Address: "My IP Address" > Next
8. Select a protocol "TCP" > Next
9. IP Protocol Port "To this Port" 80 > Next > Finish > OK
10. Add "All inbound Traffic" > Add > Next
11. Source Address: "Any IP Address" > Next
12. Destination Address: "My IP Address" > Next
13. Select a protocol "Any" > Next > Finish > OK
14. Manage Filter Action Tab
15. Add > Next > Name is "Block" > Next
16. Filter Action General Options > "Block" selected
17. Finish > Close
18. Action > Create IP Security Settings > Next
19. IP Security Policy Name "Packet Filter" given > Next
20. Uncheck "Activate the default response rule" > Next
21. Finish
22. On Packet Filter Properties dialogue > Add
23. Next
24. "This rule does not specify a tunnel" selected > Next
25. "All network connections" selected > Next
26. "Active Directory default (Kerberos V5 protocol)" selected > Next
27. "Inbound WEB Protocols" selected > Next
28. "Permit" filter action selected > Next
29. Finish > OK
30. Add > Next
31. "This rule does not specify a tunnel" selected > Next
32. "All network connections" selected > Next
33. "Active Directory default (Kerberos V5 protocol)" selected > Next
34. "All inbound Traffic" selected > Next
35. "Block" filter action selected > Next > Finish > Close
36. Right Click "Packet Filter" policy > Assign
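
The policy built in steps 1 to 36, modelled as an added example (not part of the original post and not Microsoft's code) to show how its two filters treat web and proxy traffic. It assumes the wizard's default "Mirrored" setting, stateless matching in which the most specific filter wins, and constructed values for the client address, the proxy name and the proxy port (8080).

```python
from collections import namedtuple

ME = "me"    # stands for "My IP Address"
ANY = None   # stands for "Any IP Address", any protocol or any port

Filter = namedtuple("Filter", "src dst proto dport action mirrored")
Packet = namedtuple("Packet", "src dst proto sport dport")

def policy(mirrored=True):
    """The two rules of the "Packet Filter" policy from the steps above."""
    return [
        Filter(ANY, ME, "tcp", 80, "permit", mirrored),  # "Inbound WEB Protocols"
        Filter(ANY, ME, ANY, ANY, "block", mirrored),    # "All inbound Traffic"
    ]

def _match_one(f, src, dst, proto, dport):
    return (f.src in (ANY, src) and f.dst in (ANY, dst)
            and f.proto in (ANY, proto) and f.dport in (ANY, dport))

def matches(f, p):
    if _match_one(f, p.src, p.dst, p.proto, p.dport):
        return True
    # A mirrored filter also matches the reverse direction: addresses are
    # swapped and the filter's destination port is compared to the source port.
    return f.mirrored and _match_one(f, p.dst, p.src, p.proto, p.sport)

def specificity(f):
    return sum(x is not ANY for x in (f.src, f.dst, f.proto, f.dport))

def decide(filters, p):
    # Most specific filter is evaluated first, whatever the order in the policy.
    for f in sorted(filters, key=specificity, reverse=True):
        if matches(f, p):
            return f.action
    return "permit"  # traffic that matches no filter is left alone by IPsec

# Constructed sample traffic.
WEB_IN = Packet("10.1.1.7", ME, "tcp", 40000, 80)    # test client -> IIS
WEB_REPLY = Packet(ME, "10.1.1.7", "tcp", 80, 40000)  # IIS -> test client
PROXY_OUT = Packet(ME, "proxy", "tcp", 40001, 8080)   # browser -> proxy
PROXY_REPLY = Packet("proxy", ME, "tcp", 8080, 40001) # proxy -> browser

if __name__ == "__main__":
    for name in ("WEB_IN", "WEB_REPLY", "PROXY_OUT", "PROXY_REPLY"):
        print(name, decide(policy(), globals()[name]),
              decide(policy(mirrored=False), globals()[name]))
```

In this model the mirrored block filter catches the outbound proxy request, and with mirroring turned off the request leaves but the proxy's reply is still blocked because the filters keep no connection state.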