|< Day Day Up >|| |
In this lab, you will troubleshoot a problem related to a remote client, Computer2, and a local server, Computer1, that cannot establish a secure connection. Read the following scenario and then answer the questions that follow. The questions are intended to reinforce key information presented in this chapter. If you are unable to answer a question, review the lessons and try the question again. You can find answers to the questions in the “Questions and Answers” section at the end of this chapter.
To prepare the computers for this troubleshooting lab, use Windows Explorer to browse through the CD-ROM accompanying this book. On Computer1, log on as an Administrator, open the Labs folder, and then double-click the file named ch9- computer1.bat. On Computer2, log on as an Administrator, open the Labs folder, and then double-click the file named ch9-computer2.bat.
You are in the process of deploying IPSec policies to the computers in your domain. You’re working with a user at a remote office to verify that his mobile computer is successfully establishing an IPSec connection to an intranet Web server and that all communication is encrypted. Right now, you are simply using IIS’ default “Under Construction” Web page to verify that traffic to and from http://computer1 is encrypted. After you verify that communications are encrypted, you plan to deploy the intranet Web application.
Because the client computer is at a remote location, you want to do as much troubleshooting as possible from Computer1.
Which of the following tools can you use to check which IPSec policy is assigned to Computer1? (Choose all that apply.)
IP Security Monitor
Open Microsoft Internet Explorer on Computer2, type the URL http://computer1 in the address bar, and then click Go. Is traffic from Computer2 reaching Computer1? How can you tell?
Is the traffic encrypted? How can you tell?
Are Main Mode negotiations succeeding? How can you tell?
Based on the information you have gathered, what is the likely cause of the problem, and how will you resolve the problem?
How will you verify that IPSec negotiations are now successful?
|< Day Day Up >|| |