Tuesday, April 1, 2008

100.03 - Microsoft Service Packs


Configure Your Firewall when Downloading any New Microsoft Service Packs

Dougie & Hilbert.....
Per our previous conversation about automatically downloading Windows Updates without checking them out first: I broke my own rule on this one and it cost me at least 2 nights to study and eventually remove.
IPSec Enhancements for Windows XP and Win2K
Windows 2000/XP Hot Fix SP5 Q 818043
Sounded critical enough to be downloaded, but it is a Microsoft Encryption Security device that makes it necessary for you to re-configure your Firewalls.
If you don't, you will not be able to open your Favorite Hyper Links like "Hot Chicks in Brighton", 'cause Microsoft has just put you under Parental Controls until you coordinate all your Fire-Walls.
Service Pack 2 has its own built in Firewall, Charter/AOL have their Fire-Wall and you have your own Norton AV Firewall.... Each one needs to be configured to be compatible.....or you get one big conflicting mess.....
You can install this enhancement on XP Service Pack 1 (SP1) and Win2K systems interactively at Windows Update (http://windowsupdate.microsoft.com). Microsoft officially posted it as a Recommended Update on May 28, 2003; the related Microsoft article is "L2TP/IPSec NAT-T Update for Windows XP and Windows 2000" (http://support.microsoft.com/?kbid=818043). If you prefer to download the software and test it before deploying it.
Many of us implement Network Address Translation (NAT) on firewalls and routers as the first line of defense in protecting internal systems. When NAT is active and a user connects to a system on the Internet, the firewall or router repackages the request so that the client system remains anonymous. In technical terms, the NAT device remembers the address of the system making the request and the destination address. The NAT device then replaces the original client address with its own address (or one of a range of preconfigured addresses) and forwards the request to the destination machine. See information that I sent you before about Static IP Addresses.
Windows 2000 Hotfix (SP5) Q818043. If you plan to upgrade clients to use this new feature, you need to open the following ports on the NAT devices at both ends of the L2TP connection.
• The L2TP portion of the connection requires UDP Port 500 and UDP Port 1701.
• The NAT-T portion of the connection uses UDP Port 4500.
• The ESP encryption portion of the connection uses TCP Port 50.
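
How the NAT device described above tracks and rewrites connections, shown as an added example that is not part of the original post: two clients behind one NAT open the UDP 500 and UDP 4500 flows from the list above to the same remote server. The `Nat` class, the addresses and the starting port 40000 are constructed for illustration.

```python
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.10"   # constructed NAT outside address
SERVER = "198.51.100.5"      # constructed remote L2TP server

@dataclass
class Nat:
    """Toy port-translating NAT (hypothetical class, for illustration).

    It always picks a fresh public port; real devices may keep the
    original source port when it is free.
    """
    public_ip: str
    next_port: int = 40000
    flows: dict = field(default_factory=dict)    # outbound flow -> public port
    replies: dict = field(default_factory=dict)  # expected reply -> client

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Replace the client address with the NAT's own; remember the flow."""
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.flows:
            self.flows[key] = self.next_port
            self.replies[(dst_ip, dst_port, self.next_port)] = (src_ip, src_port)
            self.next_port += 1
        return (self.public_ip, self.flows[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, public_port):
        """Map a reply back to the client; None means no state, so drop."""
        return self.replies.get((src_ip, src_port, public_port))

def demo():
    nat = Nat(PUBLIC_IP)
    seen = {}
    # Both clients use the same source ports, so the NAT must tell them apart.
    for client in ("192.168.1.10", "192.168.1.11"):
        for port in (500, 4500):
            seen[(client, port)] = nat.outbound(client, port, SERVER, port)
    return nat, seen

if __name__ == "__main__":
    nat, seen = demo()
    for (client, port), pkt in seen.items():
        print(f"{client}:{port} leaves as {pkt[0]}:{pkt[1]} -> {pkt[2]}:{pkt[3]}")
    print("reply on 40001 ->", nat.inbound(SERVER, 4500, 40001))
    print("unsolicited    ->", nat.inbound("192.0.2.99", 500, 40000))
```

The server only ever sees the NAT's address, and a packet that matches no remembered flow has nowhere to go, which is why a firewall along the path that blocks these UDP ports stops the connection from forming.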

If you have trouble making L2TP connections after you configure firewalls at both ends, you might have an intermediary firewall at your ISP or Telco provider that's preventing the connection. You might need to ask your ISP to enable traffic on these ports. I did the best research that I could do, and Charter claims that they are not part of any problem. I reconfigured the Firewall, and all to no avail.....so I ended up deleting the Update. (Some updates are Permanent) and you can NEVER delete them again....they become part of your Computer!!!!

Lesson learned.... Caution yourself on the Q 818043. Microsoft SP5/fix.

From other Web Tech sites, I learned that this is mostly a Security Patch for Windows XP - I only have Windows 2000, so maybe that is why I had so many problems. Fixing this one was like chasing one of those Virus/Trojan things. Hopefully, after a few Re-Boots, I will be back to normal. POPS

100.03
Contributing Source
Microsoft
4/1/08


