I have a few dumb questions

Discussion in 'MCSA' started by Tyler Cobb, May 7, 2007.

  1. Tyler Cobb

    Tyler Cobb Guest

    I'm learning about IPSec right now. I'm also learning that if I enable IPSec
    on my DC and other machines in the domain, they can communicate just fine...
    but if I disable IPSec on the DC and then on the other machines in the
    domain, they cannot talk to each other anymore. I forced a policy refresh,
    rebooted the computers, cleared the caches, everything I could think of. I'm
    apparently missing a step even though I can visually verify that IPSec
    policies are disabled on all machines in the domain. What am I doing wrong?

    It's like the filters are still in place.

    Thanks for any help you can give!
    Tyler Cobb, May 7, 2007
    #1
    1. Advertising

  2. Tyler Cobb

    catwalker63 Guest

    Tyler Cobb piffled away vaguely:

    > I'm learning about IPSec right now. I'm also learning that if I enable IPSec
    > on my DC and other machines in the domain, they can communicate just fine...
    > but if I disable IPSec on the DC and then on the other machines in the
    > domain, they cannot talk to each other anymore. I forced a policy refresh,
    > rebooted the computers, cleared the caches, everything I could think of. I'm
    > apparently missing a step even though I can visually verify that IPSec
    > policies are disabled on all machines in the domain. What am I doing wrong?
    >
    > It's like the filters are still in place.
    >
    > Thanks for any help you can give!
    >

    How about some more information? What version of server are you using?
    What version of the OS on the client (including SP)? For instance, the
    followin KB article describes an issue when a W2K or XPSP1 client modify
    a policy on a W2K3 domain:

    http://support.microsoft.com/kb/884909/en-us

    What was your policy, desribe it? How did you remove it? Have you
    tried the IPSec monitor tool to monitor what's happening? Any Event
    Log entries look interesting? Have you tried searching the MS KB
    yourself? Aren't you glad this is a lab you're working on and not a
    production environment? You are using a lab, right? Right?

    --

    Catwalker
    MCNGP #43
    www.mcngp.com
    "I have a gun. It's loaded. Shut up."
    catwalker63, May 7, 2007
    #2
    1. Advertising

  3. Tyler Cobb

    catwalker63 Guest

    Tyler Cobb piffled away vaguely:

    > I'm learning about IPSec right now. I'm also learning that if I enable IPSec
    > on my DC and other machines in the domain, they can communicate just fine...
    > but if I disable IPSec on the DC and then on the other machines in the
    > domain, they cannot talk to each other anymore. I forced a policy refresh,
    > rebooted the computers, cleared the caches, everything I could think of. I'm
    > apparently missing a step even though I can visually verify that IPSec
    > policies are disabled on all machines in the domain. What am I doing wrong?
    >
    > It's like the filters are still in place.
    >
    > Thanks for any help you can give!
    >

    Here's another general article on troubleshooting IPSec in W2K:

    http://support.microsoft.com/kb/257225/en-us

    Much of it can be used to troubleshoot W2K3 as well.
    --

    Catwalker
    MCNGP #43
    www.mcngp.com
    "I have a gun. It's loaded. Shut up."
    catwalker63, May 7, 2007
    #3
  4. Tyler Cobb

    Tyler Cobb Guest

    Thank you for your help, catwalker63! Your request for clarification sent me
    in the right directions and I managed to figure out what I was overlooking.
    Sorry for not including enough details in the first place.

    Tyler Cobb, MCP
    Tyler Cobb, May 8, 2007
    #4
  5. Tyler Cobb

    catwalker63 Guest

    Tyler Cobb piffled away vaguely:

    > Thank you for your help, catwalker63! Your request for clarification sent me
    > in the right directions and I managed to figure out what I was overlooking.
    > Sorry for not including enough details in the first place.
    >
    >

    What? After that, you're not going to share your solution?
    --

    Catwalker
    MCNGP #43
    www.mcngp.com
    "I have a gun. It's loaded. Shut up."
    catwalker63, May 8, 2007
    #5
  6. Tyler Cobb

    Tyler Cobb Guest

    It's more embarrassing than useful. I just forgot to shut off IPSec through
    the IP Security on the Local Machine snap-in.

    Tyler Cobb, MCP

    "catwalker63" <> wrote in message
    news:...
    > What? After that, you're not going to share your solution?
    Tyler Cobb, May 8, 2007
    #6
  7. Tyler Cobb

    catwalker63 Guest

    Tyler Cobb piffled away vaguely:

    >
    > "catwalker63" <> wrote in message
    > news:...
    >> What? After that, you're not going to share your solution?

    >
    > It's more embarrassing than useful. I just forgot to shut off IPSec through
    > the IP Security on the Local Machine snap-in.
    >

    Yeah, well I once called in a printer tech to fix a printer that
    wouldn't print. After he put in a toner cartridge it worked great.
    <sigh>
    --

    Catwalker
    MCNGP #43
    www.mcngp.com
    "I have a gun. It's loaded. Shut up."
    catwalker63, May 8, 2007
    #7
  8. Tyler Cobb

    John R Guest

    "catwalker63" <> wrote in message
    news:...
    >
    > Yeah, well I once called in a printer tech to fix a printer that
    > wouldn't print. After he put in a toner cartridge it worked great.
    > <sigh>


    Since we are admitting things here, I have twice been all over Kodak because
    my photo printer at home suddenly quits working with a generic 'Out of
    paper' error message, not thinking it could be the cartridge (because my
    wife could not have possibly printed out 40 photos already since the last
    time I changed it).

    Sign me up!!

    John
    John R, May 9, 2007
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?Y2xlYXJub2lzZQ==?=

    A few questions for people that have passed their MCSE.

    =?Utf-8?B?Y2xlYXJub2lzZQ==?=, Aug 12, 2005, in forum: MCSE
    Replies:
    18
    Views:
    634
    Kline Sphere
    Aug 15, 2005
  2. sewerrat
    Replies:
    9
    Views:
    337
    Ron Hunter
    Jun 26, 2004
  3. David Napierkowski

    Dumb, dumb dumb Qestion

    David Napierkowski, Oct 30, 2004, in forum: Digital Photography
    Replies:
    6
    Views:
    341
  4. Au79

    Dumb, Dumb Vista

    Au79, Feb 10, 2007, in forum: Computer Support
    Replies:
    4
    Views:
    514
    WhzzKdd
    Feb 11, 2007
  5. Cody
    Replies:
    2
    Views:
    3,455
    John Wunderlich
    Jun 28, 2009
Loading...

Share This Page