How to create an IPSec filter list in Windows 2003
In this lesson you will learn how to create an Internet Protocol Security (IPSec) filter list.
An IP filter list specifies what traffic the system should secure using IPSec. IP filter lists can be specified based on IP addresses, protocols, and port numbers. An IP filter list is configured on the IP Filter List tab in the Properties dialog box of an IPSec rule of an IPSec policy.
Click the "Add" button on the IP Filter List tab of the "New Rule Properties" dialog box.
The "IP Filter List" dialog box will open. Enter a meaningful name and description. Remember to uncheck the "Use Add Wizard" check box. Click the "Add" button to create a new filter list to filter all Telnet traffic to the domain controller.
In the Source address combo box, select "Any IP Address", and in the Destination address combo box, select "My IP Address". To automatically create two filters based on the configured filter settings, one for traffic going to and one for traffic coming from the specified Destination address, select the Mirrored check box. Now click the "Protocol" tab.
Select TCP as the protocol and set "To this port" to 23. Remember, Telnet listens on TCP port 23. Click "OK" to create a new IP filter list.
Click "OK" to finish. The new filter list "Block All Telnet" will be listed on the IP Filter List tab.
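The same filter list can also be created from a command prompt with `netsh ipsec static`, which is useful when the setting has to be scripted or documented. This batch file is an added example, not part of the original lesson; the two description strings are constructed samples.

```bat
@echo off
rem Added example: command-line equivalent of the GUI steps in this lesson.
rem Run it on the domain controller itself, because dstaddr=Me stands for
rem "My IP Address", i.e. the addresses of the machine the policy applies to.
setlocal
set "FL=Block All Telnet"

rem Step 1: create the named filter list.
rem (Name taken from the lesson; the description is a constructed sample.)
netsh ipsec static add filterlist name="%FL%" description="Telnet traffic to this server"

rem Step 2: add one filter to the list.
rem   srcaddr=Any   -> Source address "Any IP Address"
rem   dstaddr=Me    -> Destination address "My IP Address"
rem   protocol=TCP  -> Protocol tab: TCP
rem   srcport=0     -> from any port (0 means "any")
rem   dstport=23    -> "To this port" 23 (Telnet)
rem   mirrored=yes  -> Mirrored check box: also match the reverse direction
netsh ipsec static add filter filterlist="%FL%" srcaddr=Any dstaddr=Me ^
    protocol=TCP srcport=0 dstport=23 mirrored=yes ^
    description="Any to Me, TCP 23"

rem Step 3: print the stored filter list so the settings can be checked.
rem Confirm that exactly one filter is present, that it is mirrored, and that
rem the protocol and destination port are TCP and 23.
netsh ipsec static show filterlist name="%FL%" level=verbose

endlocal
```

A filter list only selects traffic. Nothing is blocked until the list is paired with a filter action in a rule of an assigned IPSec policy.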
You have created a new IPSec IP filter list (Block All Telnet) to filter Telnet traffic from all computers to the domain controller SERV03.omnisecu.com. Now you have to specify a filter action for this filter list. Click the "Filter Action" tab of the "New Rule Properties" dialog box. To learn how to create a filter action, click "Next".