To add or edit IPSec policies


In IP Security Policies, choose whether to define a new policy or edit a current one:

ToDo this

Create a new policy

In the console tree, click IP Security Policies on Name. Next, on the Action menu, click Create IP Security Policy. Complete the instructions in the IP Security Policy Wizard until the Properties dialog box for your new policy appears.

Edit an existing policy

Double-click the policy.


Click the General tab, and then in Name, type a unique name.


In Description, type a description of the security policy, such as which groups or domains it affects.


For domain-based policy, to specify how often the IPSec Policy Agent checks Active Directory for updates, type a value in Check for policy changes every number minute(s).


If you have special requirements for the security of the key exchange, click Advanced.


Click the Rules tab and create or modify any necessary rules for the policy.


To define Active Directory-based IPSec policy, you must have Group Policy administrative permissions. To manage local or remote IPSec policy for a computer, you must be a member of the Administrators group on the local or remote computer.

To open IP Security Policies, see Related Topics.

To configure advanced settings, see Related Topics.

To configure Rules, see Related Topics.

Related Topics

Define advanced IPSec settings

Applying IPSec policies

Add or edit rules

Start the IP Security Policies snap-in

© 2017 Microsoft Corporation. All rights reserved. Contact Us |Terms of Use |Trademarks |Privacy & Cookies