Partilhar via


Add, edit, or remove IPSec policies

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To add, edit, or remove IPSec policies

  1. Create a console containing IP Security Policies. Or, open a saved console file containing IP Security Policies.

  2. Choose whether to add a new policy, or edit or remove an existing one:

    To Do this

    Add a new policy

    In the console tree, click IP Security Policies on Name. Next, on the Action menu, click Create IP Security Policy. Follow the instructions in the IP Security Policy Wizard until the Properties dialog box for your new policy appears.

    Modify an existing policy

    Double-click the policy that you want to modify.

    Remove a policy

    Click the policy that you want to remove, and on the Action menu, click Delete.

  3. If you are adding or modifying a policy, click the General tab, and then in Name, type a unique name.

  4. In Description, type a description of the security policy, such as which groups or domains it affects.

  5. To specify how often the IPSec Policy Agent checks for updates, type a value in Check for policy changes every numberminute(s).

  6. If you have special requirements for the security of the key exchange, click Settings.

  7. Click the Rules tab, and create or modify any necessary rules for the policy.

  8. Activate or deactivate rules as needed.

Notes

  • To manage Active Directory-based IPSec policies, you must be a member of the Domain Admins group in Active Directory, or you must have been delegated the appropriate authority. To manage local or remote IPSec policies for a computer, you must be a member of the Administrators group on the local or remote computer. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. For more information, see Default local groups and Default groups.

  • To create a console containing IP Security Policies, start the IP Security Policies snap-in. To open a saved console file, open MMC. For more information, see Related Topics.

  • For information about defining IPSec key exchange settings, see Related Topics.

  • For information about configuring IPSec rules, see Related Topics.

  • For information about how to activate or deactivate rules, see Related Topics.

Information about functional differences

  • Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

See Also

Concepts

Start the IP Security Policy Management snap-in
Open MMC
Add, edit, or remove IPSec rules
Activate or deactivate IPSec rules
Working with MMC console files
Define IPSec Key Exchange Settings