how can I configure IPsec to secure an FTP site

Discussion in 'Computer Security' started by siul0_0, Nov 8, 2006.

  1. siul0_0

    siul0_0

    Joined:
    Nov 6, 2006
    Messages:
    3
    I just got :stickyma: because of the anonymous login on one of my servers running the IIS 6.0 ftp site. The simple reason I was using it was to prevent login access to be displayed in plain text. Now I am trying to secure the FTP connection thru IPsec. Any tips on how to accomplish this?

    I am using server R2 '03 with a PIX firewall. I want to try this config on the PIX 5.1 which I saw on one of the previous postings:

    access-list nonat permit ip 172.16.1.0 255.255.255.0 inside network

    nat (inside) 0 access-list nonat

    ip local pool pool-name "dont know if this IPs have to be public or private"


    sysopt connection permit-ipsec

    crypto ipsec transform-set esp-aes-256-sha esp-aes-256 esp-sha-hmac
    crypto dynamic-map isvpn 10 set transform-set esp-aes-256-sha
    crypto map ocmap 10 ipsec-isakmp dynamic isvpn
    crypto map ocmap interface outside

    isakmp enable outside
    isakmp policy 10 authentication "I will use certificate"
    isakmp policy 10 encryption aes-256
    isakmp policy 10 hash sha
    isakmp policy 10 group 5
    isakmp policy 10 lifetime 86400

    vpngroup username address-pool pool-name
    vpngroup username dns-server dns ip
    vpngroup username default-domain domain name
    vpngroup username idle-time 1800
    vpngroup username password pwd

    The windows server is going to be my CA.

    Any help on this would be REAAAAAALLY appreciated.
     
    Last edited: Nov 11, 2006
    siul0_0, Nov 8, 2006
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Benson
    Replies:
    5
    Views:
    5,123
    Walter Roberson
    Nov 2, 2004
  2. Mike Easter

    Why can't I access ftp://ftp.isc.org/ ?

    Mike Easter, Mar 14, 2007, in forum: Computer Support
    Replies:
    10
    Views:
    915
    Vanguard
    Mar 15, 2007
  3. Mohammed Alani
    Replies:
    0
    Views:
    480
    Mohammed Alani
    May 2, 2007
  4. alannis.albert@googlemail.com
    Replies:
    0
    Views:
    617
    alannis.albert@googlemail.com
    Apr 14, 2008
  5. alannis.albert@googlemail.com
    Replies:
    0
    Views:
    752
    alannis.albert@googlemail.com
    Apr 14, 2008
Loading...

Share This Page