

How to Create and Assign the IPSec Policy

 

This article explains how to create and assign the IPSec Policy that is described in How to Create a Block TCP 25 IPSec Policy. If you have followed those steps, then you have created the base Group Policy object, defined the SMTP filters, and specified the block action to take on the filters. Now you must create and assign the IPSec policy.

Before You Begin

The procedure in this article specifies naming conventions in bold italic. As you work through the other related procedures as listed in How to Create a Block TCP 25 IPSec Policy, notice that the policies, descriptions, and filters that are named in earlier procedures are referenced in subsequent procedures (again in bold italic).

It is recommended that you review Slowing and Stopping E-mail Viruses in Exchange Server 2003: Optional Configurations before implementing this procedure.

Procedure

To create the IPSec policy

  1. In Group Policy Object Editor, expand Computer Configuration, expand Windows Settings, and then expand Security Settings.

  2. Right-click IP Security Policies on Active Directory, and then select Create IP Security Policy. The IP Security Policy Wizard is displayed.

  3. On the Welcome to the IP Security Policy Wizard page, click Next.

  4. On the IP Security Policy page, enter Block TCP 25 Policy in the Name field, enter This policy blocks TCP 25 in the Description field, and then click Next.

  5. On the Requests for Secure Communication page, clear the Activate the default response rule check box, and then click Next.

  6. On the Completing the IP Security Policy Wizard page, leave the Edit properties check box selected, and then click Finish. The Block TCP 25 Policy Properties page is displayed.

  7. On the Rules tab, click Add. The Security Rule Wizard is displayed.

  8. On the Welcome to the Create IP Security Rule Wizard page, click Next.

  9. On the Tunnel Endpoint page, leave the default selection This rule does not specify a tunnel, and then click Next.

  10. On the Network Type page, leave the default selection All network connections, and then click Next.

  11. On the IP Filter List page, select Inbound TCP 25, and then click Next.

  12. On the Filter Action page, select Block, and then click Next.

  13. On the Completing the Security Rule Wizard page, clear the Edit properties check box, and then click Finish.

  14. You must now specify the Outbound TCP 25 filter. Repeat steps 7 through 13, but in step 11 select Outbound TCP 25.

  15. To assign this policy, see How to Assign an IPSec Policy.
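
The wizard steps above can also be expressed as a netsh script, which is easier to review and to repeat in a test domain. This is an added example, not part of the original article: it assumes the Inbound TCP 25 and Outbound TCP 25 filter lists and the Block filter action from the earlier procedures already exist in the Active Directory IPSec store, and the rule names and the script file name are hypothetical (the wizard does not ask for rule names). Save it as block-tcp25.txt and run it with `netsh -f block-tcp25.txt`, because the store selection applies only within a single netsh session.

```netsh
# Added example: scripted counterpart of steps 1 through 14.
# Assumption: filter lists "Inbound TCP 25" and "Outbound TCP 25" and the
# filter action "Block" were already created by the earlier procedures.

# Work in the static IPSec policy context.
ipsec static

# Target the Active Directory policy store of the current domain,
# the same store shown as "IP Security Policies on Active Directory".
set store location=domain

# Steps 2-6: create the policy with the name and description from the
# article, with the default response rule turned off (step 5).
add policy name="Block TCP 25 Policy" description="This policy blocks TCP 25" activatedefaultrule=no

# Steps 7-13: rule for inbound SMTP. No tunnel is specified (step 9),
# all network connections (step 10), Block filter action (step 12).
# The rule name is hypothetical.
add rule name="Block inbound TCP 25" policy="Block TCP 25 Policy" filterlist="Inbound TCP 25" filteraction="Block" conntype=all activate=yes

# Step 14: the same rule for outbound SMTP. The rule name is hypothetical.
add rule name="Block outbound TCP 25" policy="Block TCP 25 Policy" filterlist="Outbound TCP 25" filteraction="Block" conntype=all activate=yes

# Check the result: both rules should be listed with the Block action
# and the default response rule should be shown as not activated.
show policy name="Block TCP 25 Policy" level=verbose
```

The script only creates the policy; assigning it is still done as described in How to Assign an IPSec Policy.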