Windows 2000 Does Not Provide Manual Security Association and Key Management (257750)


The information in this article applies to:

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional
This article was previously published under Q257750

SYMPTOMS

Administrators may use the IP Security Policies on Local Machine snap-in to manage IP Security (IPSec) security associations (SAs) and keys. However, Windows 2000 does not provide a command-line utility that permits an administrator to perform these tasks manually.

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.

MORE INFORMATION

IPSec is defined by Request for Comment (RFC) 2401. The following text is an excerpt from RFC 2401, section 4.6 (SA and Key Management):

IPsec mandates support for both manual and automated SA and cryptographic key management.

Modification Type:MajorLast Reviewed:11/20/2003
Keywords:kbIPSec kbprb KB257750
©2003 Microsoft Corporation. All rights reserved.