Connection Security Rule Wizard: Endpoints Page

Published: January 20, 2009

Updated: January 20, 2009

Applies To: Windows 7, Windows Server 2008 R2

Use the settings on this wizard page to specify the computers that can participate in connections created by this connection security rule. The connection security rule applies to communications between any computer in Endpoint 1 and any computer in Endpoint 2. If the local computer has an IP address that is included in one of the endpoint definitions, then it can send and receive network packets through this connection to computers that are listed in the other endpoint. An endpoint can be a single computer or a group of computers, defined by an IP address, an IP subnet address, an IP address range, or a predefined set of computers identified by role: default gateway, WINS servers, DHCP servers, DNS servers, or local subnet. The local subnet is the collection of all computers available to this computer, except for any public IP addresses (interfaces). This includes both local area network (LAN) and wireless addresses.
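The matching behavior described above can be checked against a planned pair of endpoint definitions before the rule is created. The following Python sketch is an added example, not Microsoft code and not how Windows Firewall implements matching: it is a simplified model that accepts only `any`, single addresses, CIDR subnets and `start-end` ranges. The function names and sample addresses are assumptions made for the illustration, and the role-based sets (default gateway, WINS, DHCP, DNS, local subnet) are left out.

```python
import ipaddress

def parse_endpoint(entries):
    """Convert endpoint entries to (first, last) address pairs; None means 'any'."""
    spans = []
    for entry in entries:
        entry = entry.strip()
        if entry.lower() == "any":
            return None                      # unrestricted endpoint
        if "-" in entry:                     # address range: start-end
            lo, hi = (ipaddress.ip_address(p.strip()) for p in entry.split("-", 1))
            if lo.version != hi.version or lo > hi:
                raise ValueError(f"bad range: {entry}")
        elif "/" in entry:                   # subnet in CIDR notation
            net = ipaddress.ip_network(entry, strict=False)
            lo, hi = net[0], net[-1]
        else:                                # single address
            lo = hi = ipaddress.ip_address(entry)
        spans.append((lo, hi))
    return spans

def in_endpoint(addr, spans):
    """True if addr falls inside any span of the endpoint."""
    if spans is None:
        return True
    ip = ipaddress.ip_address(addr)
    return any(lo.version == ip.version and lo <= ip <= hi for lo, hi in spans)

def rule_applies(local_addrs, remote_addr, endpoint1, endpoint2):
    """Model of the page's statement: the rule covers traffic when a local
    address is in one endpoint and the remote address is in the other."""
    ep1, ep2 = parse_endpoint(endpoint1), parse_endpoint(endpoint2)
    for local in local_addrs:
        if in_endpoint(local, ep1) and in_endpoint(remote_addr, ep2):
            return True
        if in_endpoint(local, ep2) and in_endpoint(remote_addr, ep1):
            return True
    return False

if __name__ == "__main__":
    # Constructed sample definitions (not taken from the page).
    EP1 = ["10.0.1.0/24"]                    # e.g. application servers
    EP2 = ["10.0.2.10-10.0.2.50"]            # e.g. database servers
    for local, remote in [("10.0.1.15", "10.0.2.20"),   # EP1 -> EP2
                          ("10.0.2.20", "10.0.1.15"),   # EP2 -> EP1
                          ("10.0.1.15", "10.0.2.60"),   # remote outside the range
                          ("10.0.1.15", "10.0.1.16")]:  # both hosts in EP1 only
        print(local, "<->", remote, rule_applies([local], remote, EP1, EP2))
```

A pair that returns `False` here is traffic the rule would not cover, which is worth confirming when a range or subnet boundary is meant to include a particular host.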

  1. In the Windows Firewall with Advanced Security MMC snap-in, right-click Connection Security Rules, and then click New Rule.

  2. On the Rule Type page, select either Server-to-server or Custom, and then click Next.

Use this section to define the computers that are part of Endpoint 1 and can use this rule to communicate with the computers that are part of Endpoint 2.

Select this option to specify that Endpoint 1 consists of any computer that needs to communicate with a computer in Endpoint 2. Any network traffic to or from a computer in Endpoint 2 matches this rule and is subject to its authentication requirements.

Select this option to specify the IP addresses of the computers that make up Endpoint 1. Click Add or Edit to display the IP Addresses dialog box to create or modify your entries.

Click Customize to display the Customize Interface Types dialog box to select the network adapter types to which this rule applies. The default is to apply this rule to all network adapters of any type.

Use this section to define the computers that are part of Endpoint 2 and can use this rule to communicate with the computers that are part of Endpoint 1.

Select this option to specify that Endpoint 2 consists of any computer that needs to communicate with a computer in Endpoint 1. Any network traffic to or from a computer in Endpoint 1 matches this rule and is subject to its authentication requirements.

Select this option to specify the IP addresses of the computers that make up Endpoint 2. Click Add or Edit to display the IP Addresses dialog box to create or modify your entries.

After you create the connection security rule, you can change these settings in the Connection Security Rule Properties dialog box. This dialog box opens when you double-click a rule in Connection Security Rules. To change the computers that are in Endpoint 1 or Endpoint 2, click the Computers tab. To change the interface types to which this rule applies, click the Advanced tab, and then under Interface types, click Customize.
