.png?width=100&auto=webp&quality=80&disable=upscale "Picture of John Savill")
.png?width=400&auto=webp&quality=80&disable=upscale "John Savill")
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
How do I define IPSec policy for a group policy object?
John Savill
April 2, 2000
1 Min Read
A. IPSec in a normal environment will be defined using a Group Policyobject configured on a domain or organizational unit.
Start the Active Directory Users and Computers MMC snap-in (Start - Programs - Administrative Tools - Active Directory Users and Computers)
Right click on the container that has the GPO and select Properties (e.g. the domain)
Select the 'Group Policy' tab
Select the Group Policy Object and select Edit
Expand the Computer Configuration root
Expand Windows Settings - Security Settings - IP Security Policies
Right click on the policy you wish to assign and select assign from its context menu
Click here to view image
You can only have one assigned, if you assign more than one the previously assigned one will be unassignedClose the Group Policy editor
If you wanted to remove the policy you would right click on the assigned oneand select un-assign from its context menu. Unlike other Group policy settingsIPSec policies will remain even if the GPO is deleted so make sure you un-assignbefore deleting the GPO.
Force a GPO update:
C:>secedit /refreshpolicy machine_policy /enforce Group policy propagation from the domain has been initiated for this computer. It may take a few minutes for the propagation to complete and the new policy to take effect. Please check Application Log for errors, if any.
About the Author
You May Also Like
.jpg?width=700&auto=webp&quality=80&disable=upscale)
