Setting IP Address Information and Host Security
Use the following procedure to configure the IP address and required networking information for a computer, as well as IP security and network traffic filtering.
Right click on the My Network Places icon located on the desktop and select Properties. The Network and Dial-up Connections window will appear.
.gif "Dd277421.w2kab175(en-us,TechNet.10).gif")
From the Network and Dial-up Connections window, right-click on the Local Area Connection object for the appropriate network controller card and select Properties (or double-click on the object). The Local Area Connection Properties window will appear.
.gif "w2kab176")
Select Internet Protocol (TCP/IP) and click the Properties button. The Internet Protocol (TCP/IP) Properties dialog window will appear. From this window, an authorized administrator can either assign a static IP address or set the computer to automatically obtain the IP address through a DHCP service.
.gif "w2kab177")
If the Obtain an IP address automatically radio button is selected, the authorized administrator can then choose to either obtain all other network information automatically by selecting the Obtain DNS server address automatically radio button, or set the information by selecting the Use the following DNS sever address: radio button.
If the Use the following IP address: radio button is selected, the authorized administrator can then enter static IP address information for the computer, including subnet mask, default gateway, and DNS information.
.gif "w2kab178")
Selecting the Advanced... button opens the Advanced TCP/IP Settings window, which allows the authorized administrator to set additional network information such as default gateways, DNS, WINS, and optional settings for IP security and TCP/IP filtering.
.gif "w2kab179")
To set IP security, select the Options tab. Within the Options tab view window, highlight the IP security entry under Optional settings: and click on the Properties button. The IP Security window will appear.
.gif "w2kab180")
By default, IP security is set to Do not use IPSEC. To change this setting select the Use this IP security policy radio button on the IP Security window and then choose from the IP security policy options presented in the drop down menu. Descriptions of the options are provided below.
.gif "w2kab181")
Client (Respond Only). Communicate normally (unsecured). Use the default response rule to negotiate with servers that request security. Only the requested protocol and port traffic with that server is secured.
Secure Server (Require Security). For all IP traffic, always require security using Kerberos trust. Do NOT allow unsecured communication with untrusted clients.
Server (Request Security). For all IP traffic, always request security using Kerberos trust. Allow unsecured communication with clients that do not respond to request.
To enable IP filtering, select the Options tab. Within the Options tab view window, highlight the TCP/IP entry under Optional settings: and click on the Properties button. The IP Security window will appear. Enable IP filtering by checking the Enable TCP/IP Filtering (All adapters) check box.
The default is to permit all traffic. To deny all traffic and define specific port traffic that will be allowed, select the Permit Only radio buttons for TCP Ports, UDP Ports, or IP Protocols and select the respective Add... buttons to specify the port traffic that is to be allowed access for the computer.
.gif "Dd277421.w2kab182(en-us,TechNet.10).gif")
.gif "Dd277421.w2kab175(en-us,TechNet.10).gif")
.gif "Dd277421.w2kab182(en-us,TechNet.10).gif")