Solved

Secure server IPSec policy between 2 XP machines

Posted on 2009-04-02
3
323 Views
Last Modified: 2013-12-04
I have set up an IPSec policy that requires traffic from one PC (A) to another (B) use a secure connection (filter set to require security, negotiate security). This policy is applied to PC B.
The result is that no trafiic at all appears to pass between PC's A & B. I am unable to connect to a share on PC B from PC A, and when a ping is attempted I see 'Negotiaiting IP Security' as the 4 ping responses.
I need to get an understanding of how IPSec works before moving on to a larger project, so if anyone can explain why the two XP PC's cannot negotiate security I'd appreciate it.
Also, if you have tips on tools to use to troubleshoot IPSec I'd appreciate it (I'm using the IPSec monitor mmc).
0
Comment
Question by:agradmin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 31

Accepted Solution

by:
Toni Uranjek earned 500 total points
ID: 24049085
Hi!

You have to enable IPsec policy on PC A also. Assign Client (respond only) to PC A to enable communications with PC B. Because you have used Secure Server (require security) PC B will only communicate with computers which can use IPSec.

HTH

Toni
0
 

Author Comment

by:agradmin
ID: 24049184
Thanks, I'll try that. I was wondering that myself, but documentation seems to imply that if a device is IPSec-able it would work, which would apply in this case.
0
 

Author Closing Comment

by:agradmin
ID: 31565754
Solution works fine.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question