Information Technology Reference
In-Depth Information
Using a Command-Line Interface
The following command assigns an IPSec policy called Default IPSec Policy:
> netsh ipsec static set policy name = "Default IPSec Policy" assign = yes
How It Works
Although you can define any number of IPSec policies on a local Windows Server 2003 computer
or within Active Directory, you can apply the settings of only a single policy to a single computer at
any given time. This process is known as assigning an IPSec policy. By assigning an IPSec policy
to a computer or group of computers, you are indicating that the settings contained within that
policy should apply to those computers.
Note If you assign an IPSec policy when one is already assigned, the old policy will be unassigned in favor
of the new one.
See Also
￿
Recipe 7-10 for unassigning an IPSec policy
Microsoft TechNet: “Assign IPSec Policy” ( http://www.microsoft.com/technet/
prodtechnol/windowsserver2003/library/ServerHelp/
08231c39-157f-409c-b7d3-0c94acf09d53.mspx )
￿
￿
Daniel Petri, “How Can I Configure an IPSec Policy Through GPO?”
( http://www.petri.co.il/configuring_ipsec_policies_through_gpo.htm )
7-10. Removing IPSec Configuration Information
Problem
You want to remove (unassign) IPSec configuration information to troubleshoot network
connectivity or return to a different configuration.
Using a Graphical User Interface
1.
Open the Group Policy Management Console or the IP Security Policy Management
MMC snap-in.
2.
Navigate to Computer Configuration\Windows Settings\Security Settings\
IP Security Policies.
3.
Right-click the security policy that you want to remove from the container and select
Un-Assign.
Search WWH ::




Custom Search