Block Ping traffic with IPSec

In this article we will show you how to configure Windows 2000 / XP / 2003 computers to block Ping packets.

Windows 2000 / XP / 2003 computers have a built-in IP security mechanism called IPSec (IP Security). IPSec is a protocol designed to protect TCP/IP data packets in transit across the network using public key encryption. In essence, the source machine wraps the standard IP packet inside an encrypted IPSec packet. This packet then stays encrypted until it reaches the destination machine.

Besides encryption, IPSec also allows you to protect and configure workstations and servers with a firewall-like mechanism.

How do you protect your computers with IPSec? Quite simply: create a policy that instructs the computer to block the IP traffic specified by its rules.

Block PING on a computer

To block PING traffic to and from a computer, you need to create an IPSec policy that blocks all ICMP traffic.

First, check whether the computer responds to PING requests by pinging it.

To configure, follow these steps:

Configure the IP Filter Lists and Filter Actions

  1. Open the MMC window (Start > Run > MMC).
  1. Add the Security Policy Management Snap-In.


  1. In the Select which computer this policy will manage window, select Local Computer (or another option, depending on your needs). Click Close and then click OK.


  1. Right-click IP Security Policies in the left pane of the MMC console. Select Manage IP Filter Lists and Filter Actions.


  1. You do not need to configure a specific IP Filter for ICMP (the protocol used for PING) because such a filter already exists by default: All ICMP Traffic.

However, you can still configure more specific IP Filters for ICMP. For example, you might want to prevent a server from answering all PINGs except for PINGs sent by a computer that is used by the help desk. In that case, you need to add a new IP Filter that uses the source and destination IP addresses you define, and the ICMP protocol. Another article, which shows how to block web browsing while still allowing internal network traffic with IPSec, explains in more detail how to create an IP Filter.

  1. In Manage IP Filter Lists and Filter Actions, review your filters and, if everything is OK, click the Manage Filter Actions tab. Now we need to add a filter action that blocks the designated traffic, so click Add.


  1. In the Welcome screen, click Next.
  1. In Filter Action Name, click Next.


  1. In Filter Action General Options, click Block and then click Next.


  1. Go back to Manage IP Filter Lists and Filter Actions, review your filters and, if everything is OK, click the Close button. You can add IP Filters and Filter Actions at any time if you want.

The next step is to configure IPSec Policy and assign it.


Configure IPSec Policy

  1. In the MMC interface, right-click IP Security Policies on Local Computer and select Create IP Security Policy.


  1. In the Welcome screen, click Next.
  1. In IP Security Policy Name, enter a descriptive name, such as "Block PING". Click Next.


  1. In the Requests for Secure Communication window, uncheck the Activate the Default Response Rule check box. Click Next.


  1. In the Completing IP Security Policy Wizard window, click Finish.


  1. We now need to add the IP Filters and Filter Actions to the new IPSec Policy. In the new IPSec Policy window, click Add to start adding them.


  1. In the Welcome window, click Next.
  1. In Tunnel Endpoint, make sure that the default settings are selected and click Next.


  1. In the Network Type window, select All Network Connections and click Next.


  1. In the IP Filter List window, select "All ICMP Traffic" (or any IP Filter you configured in step 5 above). If for some reason you did not configure the IP Filter properly beforehand, you can click Add and add it now. When done, click Next.


  1. In the Filter Action window, select "Block". If you have not configured the right Filter Action beforehand, you can click Add to add it now. When done, click Next.


  1. Notice how the IP Filter has been added.

Next, you can add any combination of IP Filters and Filter Actions if you want.

Note that, unlike with a true firewall, you cannot change their order. However, this configuration works quite well.

The next stage is to assign the IPSec Policy.

Assign IPSec Policy

  1. In the MMC interface, right-click the new IPSec Policy and select Assign.

When done, you can test the configuration by trying to surf to a restricted website.

Block PING on multiple computers

Blocking PING on multiple computers can be done in two ways:

Export and Import IPSec Policy

Configure IPSec Policy through GPO

Both of these methods can be used to prevent several computers from using ICMP (the same applies to other IPSec Policies).
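
The MMC procedure above, the help-desk exception and the export/import route can also be scripted. The batch file below is an added example, not part of the original article: it assumes Windows Server 2003, where the netsh ipsec static context is available (Windows 2000 and XP ship different command-line tools), and the filter list, filter action and rule names, the help-desk address 192.0.2.10 and the file path are constructed placeholders.

```batch
@echo off
rem Added example: scripted equivalent of the MMC steps (Windows Server 2003).
rem Object names, 192.0.2.10 and C:\blockping.ipsec are constructed placeholders.

rem 1. Create the policy without the default response rule
rem    (the check box cleared in the wizard).
netsh ipsec static add policy name="Block PING" description="Drop ICMP" activatedefaultrule=no

rem 2. Filter list: ICMP between any host and this computer, both directions.
rem    "add filter" creates the filter list if it does not exist yet.
netsh ipsec static add filter filterlist="ICMP any-me" srcaddr=any dstaddr=me protocol=ICMP mirrored=yes

rem 3. Narrower filter list for the help-desk exception described above.
netsh ipsec static add filter filterlist="ICMP helpdesk-me" srcaddr=192.0.2.10 dstaddr=me protocol=ICMP mirrored=yes

rem 4. Filter actions: one that blocks, one that permits.
netsh ipsec static add filteraction name="Block ICMP" action=block
netsh ipsec static add filteraction name="Permit ICMP" action=permit

rem 5. Rules tie a filter list to a filter action inside the policy.
rem    Rule order cannot be set: the most specific matching filter wins,
rem    so the single-host permit overrides the any-host block.
netsh ipsec static add rule name="Drop all ICMP" policy="Block PING" filterlist="ICMP any-me" filteraction="Block ICMP"
netsh ipsec static add rule name="Help desk may ping" policy="Block PING" filterlist="ICMP helpdesk-me" filteraction="Permit ICMP"

rem 6. Assign the policy (same as right-click > Assign).
netsh ipsec static set policy name="Block PING" assign=y

rem 7. Review what was created before relying on it.
netsh ipsec static show policy name="Block PING" level=verbose

rem 8. Export for other computers. This exports every policy in the
rem    local store, not only "Block PING".
netsh ipsec static exportpolicy file=C:\blockping.ipsec

rem On each target computer, after copying the file:
rem   netsh ipsec static importpolicy file=C:\blockping.ipsec
rem   netsh ipsec static set policy name="Block PING" assign=y
```

After the policy is assigned, a ping from 192.0.2.10 should still be answered while a ping from any other host times out.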
