Introduction
This document contains the following sections:
•“Windows IP Security Configuration Overview” (page 13)
This section contains a brief overview of the Windows IPsec configuration parameters and the terminology used in the Windows IPsec configuration utilities.
•“Configuring a Windows
This section describes how to configure IP Security (IPsec) on a Windows client to secure IP packets sent to and received from an
•“Configuring a Windows
This section describes how to configure IPsec on a Windows client to secure IP packets sent to and received from an
•“Troubleshooting Tips” (page 38)
This section contains troubleshooting tips.
•“Comparing
This section compares how
•“Related Publications” (page 45)
This section contains a list of related
The procedures and examples in this document use preshared keys for IKE authentication. For information about using certificates for IKE authentication with Microsoft Windows, see Using Microsoft Windows Certificates with
The intended audience for this document is an
NOTE: The IP Security protocol suite is often referred to as IPsec. The
Testing Environment
The procedures in this white paper were tested using the following environment:
Component | Description |
|
|
Versions A.02.01 and A.02.01.01 | |
|
|
Microsoft Windows Client | Windows XP with Service Pack 2 (SP2) |
|
|
Known Problem with Windows 2000 SP1 and SP2
For this white paper, HP did not test with Windows 2000 systems. However, there is a known problem with Windows 2000 base systems and Windows 2000 systems with Service Pack 1 (SP1) or Service Pack 2 (SP2). The IP Security module on these systems does not properly process IPSec ESP packets that are fragmented across IP packets and drops these packets. The symptoms vary according to how the applications handle the dropped packets.
This problem is caused by a defect in the Windows 2000 SP1/ SP2 software and is fixed in Windows 2000 Service Pack 3 (SP3).
Introduction 11