To select an IPSec policy for a workstation

1. Open Network and Dial-up Connections.
2. Click Local Area Connection, and on the File menu, click Properties.
3. In the Local Area Connection Properties dialog box, under Components checked are used by this connection, click Internet Protocol (TCP/IP), and then click Properties.
4. Click Advanced, and then click the Options tab.
5. Under Optional settings, click IP security, and then click Properties.
6. Click Use this IP security policy, and then select the IPSec policy you want from the drop-down list.

Notes

• You must be a member of the Administrators group to set Internet Protocol security (IPSec) policies. If the computer participates in a Windows 2000 domain, the computer may receive the IPSec policy from Active Directory, overriding the local IPSec policy. In this case, the options are disabled and you cannot change them from the local computer.
• There are three predefined security policies: Client (Respond Only), Server (Request Security), and Secure Server (Require Security).
• Activating the Client (Respond Only) policy will not secure traffic unless the destination computer requests it. A server policy may need to be customized to work transparently with some programs and networks.
• For in-depth information about IP Security and the predefined security policies, open the IP Security Policy Management snap-in, and then on the Help menu, click Help Topics.
• For information about adding and opening the IP Security Policy Management snap-in, see Related Topics.
• IPSec, IKE and related services for Windows 2000 are jointly developed by Microsoft Corporation and Cisco Systems, Inc.

Related Topics