Skip navigation

JSI Tip 5017. How do I use IPSec secure Terminal Services communications in Windows 2000?

Microsoft Knowledge Base Article 315055 contains the following summary:

You can use Windows 2000 Terminal Services to gain access to programs in a multiple-user Terminal server environment. Communications between the Terminal Services client computer and the server that has Terminal Services enabled can contain sensitive information; therefore, you may want to optimize security between the Terminal Services client and the Terminal server. This step-by-step article describes how to configure the Terminal server to require varying degrees of encryption by using the RC4 algorithm to secure Terminal Services communications.

Many organizations use standardized Internet Protocol security (IPSec) for network security. You can configure IPSec policies on Terminal servers to force all Terminal Services communications to be protected by IPSec.

This article assumes that you are configuring computers that are a part of a domain structure. If the computer is not part of a domain structure, you may also have to configure encryption and authentication services.

For additional information about troubleshooting IPSec, click the article number below to view the article in the Microsoft Knowledge Base:

257225 Basic IPSec Troubleshooting in Windows 2000

To enable IPSec protection for Terminal Services:

1. Create an IPSec filter list to match Terminal Services packets.
2. Create an IPSec policy to enforce IPSec protection, and then enable the policy.
3. Enable the Client (respond-only) policy on the Terminal Services clients.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.