IPSec to 3rd party gateway and W2k svr

  • Thread starter Thread starter Jutta Kullmann
  • Start date Start date
J

Jutta Kullmann

Hi,

I configured my W2k server for IPSec tunneling with a 3rd
party gateway according to the KB252735. It is not
working. When running the IP Security Monitoring tool, it
states 'IP Security not enabled on this computer'.
However, the only option I see to 'enable' the IPSec
Policy is to choose 'Assign' in the 'IP Security Policy
Management snap-in, which I have done. I cannot figure out
what I am missing. The Network Monitor never sees any
ISAKAMP traffic when pinging from the W2k server, but I
saw some when pinging from the 3rd party gateway.

Thanks for any insights.

Jutta
 
Thank you Steven.

Here is some more info. I am running this test on a LAN, so firewall is not
an issue. I am using preshared key (letters only, no numbers in case this
matters). I ran the netdiag command and I am getting: IP security test:
Skipped.. The IPSec Policy Agent service is not started.

I 'Assigned' my policy in my secpol.msc and then even restarted my server.
When booting up, I noticed, that it said: Installing Security Policy. I was
very hopeful when I saw that, but I am still getting 'The IPSec Policy Agent
service is not started'.I double checked the Policy is still Assigned in the
Local Security Settings.

I am at a loss and I cannot find anything, that the IPSec Policy Agent
service has to be started somewhere. The Event Viewer doesn't give me any
info, since I guess there is no Event happening, if IPSec Policy Agent
service is not recognized as being started.

Thanks for any other thoughts.
Jutta
 
Thanks again.

Ok, I got to the IPSEC Policy Agent Properties and 'Startup Type' was
Disabled. I set it for 'Automatic', but it still doesn't start.
I click on Start and I get a Warning message: Could not start uthe IPSEC
Policy Agent service on Local Computer. The service did not return an error.
This could be an internal Windows error or an internal service error. If the
problem persists, contact your system administrator.

The Event Viewer Properties show:

IPSEC Policy Agent Service:Ipsec Drivers failed to start.
<next>
IPSEC Policy Agent Service couldn't be started: Oakley failed to start
 
Thanks, that guided me in the right direction.

Ok, I got to the IPSEC Policy Agent Properties and 'Startup Type' was
Disabled. I set it for 'Automatic', but it still doesn't start.
I click on Start and I get a Warning message: Could not start the IPSEC
Policy Agent service on Local Computer. The service did not return an error.
This could be an internal Windows error or an internal service error. If the
problem persists, contact your system administrator.

IPSEC Policy Agent Service is dependent only on RPC, which is 'started'.


The Event Viewer Properties show:

IPSEC Policy Agent Service:Ipsec Drivers failed to start.
<next>
IPSEC Policy Agent Service couldn't be started: Oakley failed to start

Any thoughts on that?
Thanks,
Jutta
 
Back
Top