Solved

can i turn off IPSec

Posted on 2008-10-28
8
3,418 Views
Last Modified: 2012-06-21
Microsoft Server 2003, Small Business, SP2

Can I disable the "IPSEC Services" service with no repercussions? or will doing that blow the server up?

See this error in event viewer: "The IPSec driver has entered Block mode. IPSec will discard all inbound and outbound TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions. " and I don't really use IPSEC so I don't want to risk IPSEC freaking out and blocking my legit users.

Thanks
0
Comment
Question by:shard26
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22825676
If you are not using IPSec then you can disregard those error messages, they will not affect your users.

So if you aren't using and IPSec infrastructure you will be able to disable the services without issue. That being said I would stay a little late one night and do it just on the off chance that something is affected.
0
 
LVL 4

Author Comment

by:shard26
ID: 22825839
How can I verify that we are not using IPSec? Just to be safe.


0
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22825947
If you didn't turn it on explicitly (and I assume you are the network admin) then you aren't using it.

If you still want to double check then just go to a client machine and go Start -> Run -> "Secpol.msi" .

In the bottom of that list you will see something like what is in the image that I attached. You will then be able to see if any of the policies are enabled.

For future reference, here is a good guide about implementing IPSec in your domain:

http://www.enterprisenetworkingplanet.com/netsecur/article.php/3489911
IPSecPol.jpg
0
Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

 
LVL 4

Author Comment

by:shard26
ID: 22826423
computer doesn't know the command secpol.msi
0
 
LVL 4

Author Comment

by:shard26
ID: 22826530
i am pretty confident we have set up no policies.
0
 
LVL 14

Expert Comment

by:dfxdeimos
ID: 22826577
If it doesn't recognize secpol.msi you can launch the MMC by going Start -> Run -> "MMC" and then adding the Local Security Policy Snap-In.

I am also pretty confident that you don't have policies in place. =]
0
 
LVL 4

Author Comment

by:shard26
ID: 22827929
so no policies in place means i can kill the service?

0
 
LVL 14

Accepted Solution

by:
dfxdeimos earned 350 total points
ID: 22828492
Yes.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question