> using. But until now, I was not aware of how powerful of a solution IPsec is
> and its ability to be used in a FW like manner to stop inbound or outbound
> traffic by port, protocol or IP and nothing is coming past it *NOTHING*
> which would make BlackIce react.

It's not new Duane. All you're doing is blocking traffic by port. I'm
surprised that it's new to you.

The main advantage of IPSec is the Sec part, i.e. security. Simply
creating filters and a filter action like you are doing is the very very
simplest start. What the original poster wanted was security which to
do properly requires a PKI implementation. Then you get mutual
authentication and encryption, none of which you have right now.

> I am very impressed with IPsec and its ability to supplement in a FW like
> manner. <g>

Being doing that for ages, it's not new but it does have value, it's
just not the friendliest interface for noddies to configure and it
doesn't provide any stateful inspection or application inspection but
yes, if all you want to do is set up block/allow filters, it's fine.

> But just keep in mind I am not a guru like you are, and therefore, you can
> kiss my *ASS* about IPsec and anything else for that matter with your
> *tounge* hanging out. <vbg>

No need but keep reading, you'll learn as you go along. It fascinates
me why you post what you do sometimes.

Just remember, IPSec is an IP only solution, if you have NWLink or
NetBEUI installed and bound, you might just as well hand your PC over to
Mr Hacker.

David.