Step-by-Step Guide to Configuring IPSec Rules

Here is a step-by-step guide to configuring IPSec rules in Local Group Policy:

  1. Open the Local Group Policy Editor by typing gpedit.msc in the Run dialog box (Win+R).
  2. In the left pane, navigate to Computer Configuration -> Windows Settings -> Security Settings -> IP Security Policies on Local Computer.
  3. Right-click IP Security Policies on Local Computer and select Create IP Security Policy from the context menu.
  4. In the Welcome to the IP Security Policy Wizard dialog box, click Next.
  5. Enter a name and description for the IPSec policy, and click Next.
  6. Select the Activate the default response rule option, and click Next.
  7. In the Completing the IP Security Policy Wizard dialog box, click Finish.
  8. In the IP Security Policies on Local Computer console, right-click the new IPSec policy and select Edit from the context menu.
  9. In the IPSec Policy Wizard, click Next.
  10. In the Select IP Filter List dialog box, click Add.
  11. In the IP Filter List Wizard, enter a name and description for the IP filter list, and click Next.
  12. Select the Mirrored option, and click Next.
  13. Select the IP protocols and ports that you want to filter, and click Next.
  14. Select the Allow or Block option for the traffic, and click Next.
  15. In the Completing the IP Filter List Wizard dialog box, click Finish.
  16. In the Select IP Filter List dialog box, select the IP filter list that you just created, and click Next.
  17. In the Select Filter Action dialog box, select the Negotiate security option, and click Next.
  18. In the Completing the Filter Action Wizard dialog box, click Finish.
  19. In the IPSec Policy Wizard, click Next.
  20. In the Select Authentication Method dialog box, select the authentication method that you want to use, and click Next.
  21. In the Completing the IPSec Policy Wizard dialog box, click Finish.
  22. In the Local Group Policy Editor, navigate to Computer Configuration -> Windows Settings -> Security Settings -> Windows Firewall with Advanced Security -> Windows Firewall with Advanced Security -> Inbound Rules.
  23. Right-click Inbound Rules and select New Rule from the context menu.
  24. In the New Inbound Rule Wizard, select the Custom rule type, and click Next.
  25. Select the All programs option, and click Next.
  26. Select the Protocol and Ports option, and click Next.
  27. Select the TCP or UDP protocol and the specific ports that you want to filter, and click Next.
  28. Select the Block the connection option, and click Next.
  29. Select the Domain, Private, and Public options for the rule, and click Next.
  30. Enter a name and description for the rule, and click Finish.

Configuring IPSec rules in Local Group Policy involves creating an IPSec policy, defining IP filter lists and filter actions, selecting an authentication method, and creating a custom inbound rule in Windows Firewall with Advanced Security. By following these steps, you can configure IPSec rules to filter network traffic and enhance the security of your computer.
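The same procedure can be scripted, which makes the result repeatable and reviewable. The following is an added example, not part of the original guide: it uses `netsh ipsec static` for the IP Security Policy steps and `New-NetFirewallRule` against the local Group Policy store for the inbound rule. All names, ports, the ESP offer and the Kerberos authentication choice are assumptions made for illustration.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original guide. Every name and port below is a
# constructed sample value (names avoid spaces to keep netsh quoting simple).
$Policy     = 'Example-IPsec-Policy'   # step 5
$FilterList = 'Example-Filter-List'    # step 11
$Action     = 'Example-Negotiate'      # step 17
$IpsecPort  = 3389                     # sample TCP port to protect (step 13)
$BlockPort  = 23                       # sample TCP port to block (step 27)

function Invoke-IpsecStatic {
    # Run "netsh ipsec static ..." and stop if netsh reports a failure exit code.
    param([Parameter(Mandatory)][string[]]$Arguments)
    & netsh.exe ipsec static @Arguments
    if ($LASTEXITCODE -ne 0) { throw "netsh ipsec static $($Arguments -join ' ') failed" }
}

# Steps 3-11: policy with the default response rule, left unassigned, plus a filter list.
Invoke-IpsecStatic 'add','policy',"name=$Policy",'activatedefaultrule=yes','assign=no'
Invoke-IpsecStatic 'add','filterlist',"name=$FilterList"
# Steps 12-13: mirrored filter, any source to this host on the sample port.
Invoke-IpsecStatic 'add','filter',"filterlist=$FilterList",'srcaddr=any','dstaddr=me',
    'protocol=TCP',"dstport=$IpsecPort",'mirrored=yes'
# Step 17: "Negotiate security" filter action; the ESP offer is an assumed sample.
Invoke-IpsecStatic 'add','filteraction',"name=$Action",'action=negotiate','qmsecmethods=ESP[3DES,SHA1]'
# Steps 20-24: rule binding filter list and action; Kerberos is an assumed
# authentication choice and needs a domain-joined host.
Invoke-IpsecStatic 'add','rule','name=Example-Rule',"policy=$Policy",
    "filterlist=$FilterList","filteraction=$Action",'kerberos=yes'

# Steps 22-30: custom inbound block rule in the local Group Policy firewall store.
$fw = @{
    DisplayName = 'Example-Block-Inbound'   # constructed name
    Direction   = 'Inbound'
    Protocol    = 'TCP'
    LocalPort   = $BlockPort
    Action      = 'Block'
    Profile     = 'Domain','Private','Public'
    PolicyStore = 'localhost'               # local Group Policy store
}
if (-not (Get-NetFirewallRule -PolicyStore localhost -DisplayName $fw.DisplayName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule @fw | Out-Null
}

# Verify what was written.
Invoke-IpsecStatic 'show','policy',"name=$Policy",'level=verbose'
Get-NetFirewallRule -PolicyStore localhost -DisplayName $fw.DisplayName |
    Select-Object DisplayName, Direction, Action, Profile, Enabled
```

The script leaves the IPSec policy unassigned, as the GUI steps do; an IP Security Policy is not enforced until it is assigned.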

Author: tonyhughes