Set L2TP over IPSec output filters

  • Article

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To set L2TP over IPSec output filters

To set L2TP over IPSec output filters, you must configure the filters and select the appropriate filter action.

To add the first L2TP over IPSec output filter

  1. Open Routing and Remote Access.

  2. In the console tree, click General.

    Where?

    • Routing and Remote Access/server name/IP Routing/General

  3. In the details pane, right-click the interface on which you want to add a filter, and then click Properties.

  4. On the General tab, click Outbound Filters.

  5. In the Outbound Filters dialog box, click New.

  6. In the Add IP Filter dialog box, select the Source network check box.

  7. In IP Address, type the IP address of the interface, and in Subnet mask, type 255.255.255.255.

  8. In Protocol, click UDP.

  9. In Source port, type 500.

  10. In Destination port, type 0, and then click OK.

To add the second L2TP over IPSec output filter

  1. On the General tab, click Outbound Filters.

  2. In the Outbound Filters dialog box, click New.

  3. In the Add IP Filter dialog box, select the Source network check box.

  4. In IP Address type the IP address of the interface, and in Subnet mask, type 255.255.255.255.

  5. In Protocol, click UDP.

  6. In Source port, type 1701.

  7. In Destination port, type 0, and then click OK.

To add the third L2TP over IPSec output filter

  1. On the General tab, click Outbound Filters.

  2. In the Outbound Filters dialog box, click New.

  3. In the Add IP Filter dialog box, select the Source network check box.

  4. In IP Address type the IP address of the interface, and in Subnet mask, type 255.255.255.255.

  5. In Protocol, click UDP.

  6. In Source port, type 4500.

  7. In Destination port, type 0, and then click OK.

To select the filter action for the output filter

  • In the Outbound Filters dialog box, click Drop all packets except those that meet the criteria below, and then click OK.

Note

  • To perform this procedure, you must be a member of the Administrators group. As a security best practice, consider using the Run As command rather than logging on with administrative credentials. If you have logged on with administrative credentials, you can also open Routing and Remote Access by clicking Start, clicking Control Panel, double-clicking Administrative Tools, and then double-clicking Routing and Remote Access. For more information, see Default local groups, Default groups, and Using Run as.

Information about functional differences

  • Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

See Also

Concepts

Working with MMC console files
Packet filtering
Add a packet filter
Select the L2TP over IPSec interface
Set L2TP over IPSec input filters