—Tunnel Settings
The tunnel settings specify if the rule is a tunnel rule. If it is a tunnel rule, the settings also specify the tunnel destination endpoint.
—Connection Type
The connection type specifies the connection (link) types for the rule, such as LAN.
•General
The general parameters for a policy specify IKE SA parameters, such as the IKE encryption algorithm, IKE hash (integrity algorithm),
By comparison, a minimal
Configuring a Windows Host-to-Host Policy
This section describes one method for configuring
To use this method, complete the following steps:
1.Start the IP Security Policies
2.Create an IP Security policy. See “Step 2: Creating a Policy” (page 15).
3.Add a rule to the policy. See “Step 3: Adding a Rule” (page 16).
4.Create a Filter List for the rule and configure filters. See “Step 4: Creating the IP Filter List and Filters for the Rule” (page 18).
5.Configure filter actions for the rule. The filter actions contain IPsec transforms or other actions. See “Step 5: Configuring Filter Actions for the Rule” (page 21).
6.Configure the IKE authentication method and preshared key for the rule. See “Step 6: Configuring the IKE Authentication Method and Preshared Key for the Rule” (page 25).
7.Specify the network link (connection) types for the rule. See“Step 7: Configuring the Connection Type for the Rule” (page 26).
8.Modify the IKE SA parameters for the policy. By default, Windows clients will use IKE SA parameters that are compatible with the default
9.Start the IP Security service. The IP Security service must be running before you can assign the new IP Security policy. See “Step 9: Starting the IP Security Service” (page 29).
10.Assign (activate) the new IP Security Policy. See “Step 10: Assigning the IP Security Policy” (page 30).
11.Verify the configuration. See “Step 11: Verifying the Configuration” (page 31).
Because this is a
14