A. IPSec in a Windows 2000 domain will normally be assigned using Group Policies however it can also be set on a computer basis.
- Right click on 'My Network Places' and select Properties
- Right click on 'Local Area Connection' and select Properties
- Select 'Internet Protocol (TCP/IP)' and click Properties
- Click the Advanced button
- Select the Options tab
- Select 'IP security' and click Properties
- Check the 'Use this IP security policy:' and select a policy to use:
- Client (Respond Only) - It will only use IPSec if asked to by the other end of a session
- Secure Server (Require Security) - All IP traffic requires security using Kerberos trust
- Server (Require Security) - Use IP security if possible
Click here to view image
- Click OK to all dialogs
To set IPSec on a machine you must be a member of the local Administrators group. Also if a domain IPSec policy has been defined then you can not override with a local policy, the options will be grayed out.