Solved

can i turn off IPSec

Posted on 2008-10-28
8
3,405 Views
Last Modified: 2012-06-21
Microsoft Server 2003, Small Business, SP2

Can I disable the "IPSEC Services" service with no repercussions? or will doing that blow the server up?

See this error in event viewer: "The IPSec driver has entered Block mode. IPSec will discard all inbound and outbound TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions. " and I don't really use IPSEC so I don't want to risk IPSEC freaking out and blocking my legit users.

Thanks
0
Comment
Question by:shard26
  • 4
  • 4
8 Comments
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22825676
If you are not using IPSec then you can disregard those error messages, they will not affect your users.

So if you aren't using and IPSec infrastructure you will be able to disable the services without issue. That being said I would stay a little late one night and do it just on the off chance that something is affected.
0
 
LVL 4

Author Comment

by:shard26
ID: 22825839
How can I verify that we are not using IPSec? Just to be safe.


0
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22825947
If you didn't turn it on explicitly (and I assume you are the network admin) then you aren't using it.

If you still want to double check then just go to a client machine and go Start -> Run -> "Secpol.msi" .

In the bottom of that list you will see something like what is in the image that I attached. You will then be able to see if any of the policies are enabled.

For future reference, here is a good guide about implementing IPSec in your domain:

http://www.enterprisenetworkingplanet.com/netsecur/article.php/3489911
IPSecPol.jpg
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 4

Author Comment

by:shard26
ID: 22826423
computer doesn't know the command secpol.msi
0
 
LVL 4

Author Comment

by:shard26
ID: 22826530
i am pretty confident we have set up no policies.
0
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22826577
If it doesn't recognize secpol.msi you can launch the MMC by going Start -> Run -> "MMC" and then adding the Local Security Policy Snap-In.

I am also pretty confident that you don't have policies in place. =]
0
 
LVL 4

Author Comment

by:shard26
ID: 22827929
so no policies in place means i can kill the service?

0
 
LVL 14

Accepted Solution

by:
dfxdeimos earned 350 total points
ID: 22828492
Yes.
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now