Windows 2000 IPSec question ...

Dogmeat · Post by **Dogmeat** » Thu Jun 28, 2001 10:41 am

Why is it that when I set the "Secure Server" IPSec policy for the domain controller policy, my secondary domain controller won't talk to the main one?

Basically I installed Windows 2000 on the big machine in the server room, as the first DC/rid/whatever machine ... then I brought up a second one. This one is sitting on my desk. When I set the default IPSec policy to "Secure Server" ... I can no longer access the group policy?

So far there are on ly these two DC servers in the domain ...

I wanna experiment with this IPSec thing.

I don't see how these two DC's wouldn't be trusting each other already ...? If thats the case how do I establish a kerberos trust between the two so they'll talk?

Thanks ...

Thorazine · Post by **Thorazine** » Fri Jun 29, 2001 12:48 am

Take a look at Security Templates and see if you have invoked a template that is hindering the other DC from talking the "primary". Security Configuration and Analysis is also a good tool to audit the computer.

Finally, check to see if your DC's are replicating properly.

W_I_Z_K_I_D · Post by **W_I_Z_K_I_D** » Fri Jun 29, 2001 2:54 am

YeP What He Said....