How do I enable IPSec on a machine?

A. IPSec in a Windows 2000 domain will normally be assigned using Group Policies however it can also be set on a computer basis.

  1. Right click on 'My Network Places' and select Properties
  2. Right click on 'Local Area Connection' and select Properties
  3. Select 'Internet Protocol (TCP/IP)' and click Properties
  4. Click the Advanced button
  5. Select the Options tab
  6. Select 'IP security' and click Properties
  7. Check the 'Use this IP security policy:' and select a policy to use:
    - Client (Respond Only) - It will only use IPSec if asked to by the other end of a session
    - Secure Server (Require Security) - All IP traffic requires security using Kerberos trust
    - Server (Require Security) - Use IP security if possible
    Click here to view image
  8. Click OK to all dialogs

To set IPSec on a machine you must be a member of the local Administrators group. Also if a domain IPSec policy has been defined then you can not override with a local policy, the options will be grayed out.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.