26e7
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">

<head>
	<title>IPSEC Policy Agent | Services Guide | Smallvoid.com</title>
	<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
	<meta http-equiv="content-language" content="en-us" />
	<link rel="stylesheet" href="http://smallvoid.com/wp-content/themes/andyblue/style.css" type="text/css" media="screen" />
	<link rel="meta" href="http://smallvoid.com/labels.rdf" type="application/rdf+xml" title="ICRA labels" />
	<meta http-equiv="pics-Label" content='(pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l gen true for "http://smallvoid.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1) gen true for "http://www.smallvoid.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 1))' />
	<meta name="generator" content="WordPress 2.0.11" /> <!-- leave this for stats -->
	<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.classify.org/safesurf/" L gen true for "http://smallvoid.com/" r (SS~~000 1 SS~~001 1))'/>
	<meta name="iWatchDog-Program-Licensing" content="http://www.iwatchdog.org/license.html"/>
	<meta name="iWatchDog-Program-Validation" content='true comment "ChildSafe International Web Sites" for "http://smallvoid.com/" on "2006.09.07"'/>
	<meta name="blogcatalog" content="9BC9466880" /> 
	<link rel="pingback" href="http://smallvoid.com/xmlrpc.php" />
	<link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="http://smallvoid.com/feed/rss2/" />
	<link rel="alternate" type="application/atom+xml" title="ATOM 1.0" href="http://smallvoid.com/feed/atom/" />
	<link rel="alternate" type="text/xml" title="RSS .92" href="http://smallvoid.com/feed/rss/" />
	<link rel="alternate" type="text/xml" title="RDF" href="http://smallvoid.com/feed/rdf/" />

	<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://smallvoid.com/xmlrpc.php?rsd" />
	<script type="text/javascript" src="http://smallvoid.com/wp-content/plugins/client-hilite.js"></script>
<meta name="description" content="Description and recommended settings for the IPSEC services. " />
<meta name="keywords" content="Services Guide,ipsec,VPN,l2tp,firewall"/><!-- yawasp -->
<style type="text/css">.catenasirpowotyp  {display:none;}</style>
<!-- /yawasp -->
</head>

<body><div id="wrapper">

<div id="header">
	<h1><a href="http://smallvoid.com/">Smallvoid.com</a></h1>
	<ul id="navigation">
	<li class="selected"><a href="http://smallvoid.com">Home</a></li>
	<li class="page_item"><a href="http://smallvoid.com/about/" title="About">About</a></li>
<li class="page_item"><a href="http://smallvoid.com/articles/" title="Articles">Articles</a></li>
<li class="page_item"><a href="http://smallvoid.com/links/" title="Links">Links</a></li>
<li class="page_item"><a href="http://smallvoid.com/forum/" title="Forum">Forum</a></li>
	</ul>
	<div style="clear: both;"></div>
</div>
<div id="sidebar">

	<h6>Search</h6>
	<form id="searchform" method="get" action="http://smallvoid.com"><p>
	<input class="box" type="text" name="s" id="s" size="15" value=''/> <input class="button" type="submit" value="Go" />
	</p></form>

	
		<h6>Recent Posts</h6>
	<ul>
			<li><a href='http://smallvoid.com/article/news-2012-11-28.html' title='Wordpress 2.0 vs. PHP 5.3'>Wordpress 2.0 vs. PHP 5.3</a></li>
	<li><a href='http://smallvoid.com/article/ie-about-tabs-rows.html' title='Configure number of rows to show in New Tab Page (about:tabs)'>Configure number of rows to show in New Tab Page (about:tabs)</a></li>
	<li><a href='http://smallvoid.com/article/news-2012-11-07.html' title='Windows 8 is the monster of Frankenstein'>Windows 8 is the monster of Frankenstein</a></li>
	<li><a href='http://smallvoid.com/article/winnt-tcp-slow-start.html' title='Configure initial congestion window to speed up TCP slow start'>Configure initial congestion window to speed up TCP slow start</a></li>
	<li><a href='http://smallvoid.com/article/winnt-tcp-push-flag.html' title='Improve latency for TCP by not waiting for Push flag'>Improve latency for TCP by not waiting for Push flag</a></li>
	
	</ul>
	
	<h6>Meta</h6>
	<ul>
				<li><a href="http://smallvoid.com/wp-login.php">Login</a></li>
			</ul>

</div> <!-- class="sidebar" -->
<div class="page" id="mainpage">

	<div class="post">
	<h4><a href="http://smallvoid.com/article/winnt-services-policyagent.html" rel="bookmark" title="Permanent Link to IPSEC Policy Agent">IPSEC Policy Agent</a> 
	</h4>
	<small>23 July 2000 by Snakefoot | <a href="#respond">Comment &#187;</a> | Trackback Off </small>
	<div class="content"><h5>Description:</h5>
Manages the Internet Protocol Security (IPSec) policy &amp; starts the Internet Security Association Key Management Protocol (ISAKMP) / Oakley Internet Key Exchange (IKE) &amp; the IP security driver.<br/>
<br/>
The IP Security driver captures/examines IP traffic and uses the IPSec policies to decide whether to block/filter, permit or encrypt (F.ex. Layer Two Tunneling Protocol - L2TP) the traffic.
When changing a policy the IPSec Policy Agent is responsible for updating the IP Security Driver. The service listens on UDP port 500 (ISAKMP) and UDP port 4500 (NAT-T).<br/>
<br/>
The IP Security driver can be used with the <a href="/article/winnt-services-rasman.html">Remote Access Connection Manager (Rasman)</a>, to provide secure VPN connections.<br/>
<br/>
Note in Win2k if not having installed &quot;Client for Microsoft Networks&quot; for the Network Adapter (Don't need to be bound),
then the service will not start and instead give the following error without any entries in the Event Log:
<blockquote><p><i>
Could not start the IPSEC Policy Agent service on Local Computer.<br/>
The service did not return an error. This could be an internal Windows error or an internal service error.
If the problem persists, contact your system administrator.
</i></p></blockquote>
Note if IPSec Policies are corrupted (Reload from .ipsec file), or a 3rd Party IPSec/VPN software is installed (Uninstall it), then it might give the following error in the Event Log:
<blockquote><p><i>
IPSEC PolicyAgent Service couldn't be started: Driver failed to start.<br/>
Source: PolicyAgent<br/>
EventID: 321<br/>
<br/>
IPSEC PolicyAgent Service couldn't be started: Oakley failed to start.<br/>
Source: PolicyAgent<br/>
EventID: 319<br/>
</i></p></blockquote>
More Info <a href="http://support.microsoft.com/kb/Q231585" title="Overview of Secure IP Communication with IPSec in Windows 2000" rel="nofollow">MS KB Q231585</a><br/>
More Info <a href="http://support.microsoft.com/kb/Q234580" title="&quot;Soft Associations&quot; Between IPSec-Enabled and Non-IPSec-Enabled Computers" rel="nofollow">MS KB Q234580</a><br/>
More Info <a href="http://support.microsoft.com/kb/Q240262" title="How to Configure a L2TP/IPSec Connection Using Pre-shared Key Authentication" rel="nofollow">MS KB Q240262</a><br/>
More Info <a href="http://support.microsoft.com/kb/Q247231" title="Event ID 20111, Error 792 or Error 781 When Establishing an L2TP/IPSec Connection" rel="nofollow">MS KB Q247231</a><br/>
More Info <a href="http://support.microsoft.com/kb/Q248750" title="Description of the IPSec Policy Created for L2TP/IPSec" rel="nofollow">MS KB Q248750</a><br/>
More Info <a href="http://support.microsoft.com/kb/Q252735" title="How to Configure IPSec Tunneling in Windows 2000" rel="nofollow">MS KB Q252735</a><br/>
More Info <a href="http://support.microsoft.com/kb/Q253169" title="Traffic That Can--and Cannot--Be Secured by IPSec" rel="nofollow">MS KB Q253169</a><br/>
More Info <a href="http://support.microsoft.com/kb/Q257225" title="Basic IPSec Troubleshooting in Windows 2000" rel="nofollow">MS KB Q257225</a><br/>
More Info <a href="http://support.microsoft.com/kb/Q259335" title="Basic L2TP/IPSec Troubleshooting in Windows" rel="nofollow">MS KB Q259335</a><br/>
More Info <a href="http://support.microsoft.com/kb/Q265112" title="IPSec and L2TP Implementation in Windows 2000" rel="nofollow">MS KB Q265112</a><br/>
More Info <a href="http://support.microsoft.com/kb/Q314831" title="Basic L2TP/IPSec Troubleshooting in Windows XP" rel="nofollow">MS KB Q314831</a><br/>
More Info <a href="http://support.microsoft.com/kb/Q810207" title="IPSec Default Exemptions Are Removed in Windows Server 2003" rel="nofollow">MS KB Q810207</a><br/>
More Info <a href="http://support.microsoft.com/kb/Q811832" title="IPSec Default Exemptions Can Be Used to Bypass IPsec Protection in Some Scenarios" rel="nofollow">MS KB Q811832</a><br/>
More Info <a href="http://support.microsoft.com/kb/Q813878" title="How to Block Specific Network Protocols and Ports by Using IPSec" rel="nofollow">MS KB Q813878</a><br/>
More Info <a href="http://support.microsoft.com/kb/Q816514" title="HOW TO: Configure IPSec Tunneling in Windows Server 2003" rel="nofollow">MS KB Q816514</a><br/>
<br/>
<h5>Recommended State:</h5>
<ul>
<li>Disabled, if on a simple home network.</li>
<li>Automatic, if connected to a Windows domain..</li>
</ul>
<h5>Default State:</h5>
<ul>
<li>Win8: Manual (Trigger Start - FIREWALL PORT EVENT).</li>
<li>Win7: Manual.</li>
<li>Vista: Automatic.</li>
<li>Win2k3: Automatic.</li>
<li>WinXP: Manual.</li>
<li>Win2k: Automatic.</li>
</ul>
<h5>Process Name:</h5>
<ul>
<li>Win8/Win7/Vista: <a href="/article/winnt-services-wrapper.html">svchost.exe -k NetworkServiceNetworkRestricted</a> (PolicyAgent)</li>
<li>WinXP/Win2k3/Win2k: <a href="/article/winnt-services-wrapper.html">lsass.exe</a> (PolicyAgent)</li>
</ul>
<h5>Supports:</h5>
<ul>
<li>None</li>
</ul>
<h5>Depends:</h5>
<ul>
<li><a href="/article/winnt-services-bfe.html">Base Filtering Engine</a> (Vista+)</li>
<li><a href="/article/winnt-services-rpcss.html">Remote Procedure Call (RPC)</a></li>
</ul>
100e
</div>
	
	<div class="cat">
		<h6>Tags:</h6>
	<ul class="post-categories"><li><a href="http://smallvoid.com/tag/ipsec/" rel="tag nofollow" title="Search site for ipsec">ipsec</a>, <a href="http://smallvoid.com/tag/VPN/" rel="tag nofollow" title="Search site for VPN">VPN</a>, <a href="http://smallvoid.com/tag/l2tp/" rel="tag nofollow" title="Search site for l2tp">l2tp</a>, <a href="http://smallvoid.com/tag/firewall/" rel="tag nofollow" title="Search site for firewall">firewall</a></li></ul>
		<h6>Category:</h6>
	<ul class="post-categories">
	<li><a href="http://smallvoid.com/articles/windows-2000/" title="View all posts in Windows 2000 / Win2k">Windows 2000 / Win2k</a>/<a href="http://smallvoid.com/articles/windows-2000/services/" title="View all posts in Services Guide" rel="category tag">Services Guide</a></li>
	<li><a href="http://smallvoid.com/articles/windows-2003/" title="View all posts in Windows 2003 / Win2k3">Windows 2003 / Win2k3</a>/<a href="http://smallvoid.com/articles/windows-2003/services/" title="View all posts in Services Guide" rel="category tag">Services Guide</a></li>
	<li><a href="http://smallvoid.com/articles/windows-xp/" title="View all posts in Windows XP / WinXP">Windows XP / WinXP</a>/<a href="http://smallvoid.com/articles/windows-xp/services/" title="View all posts in Services Guide" rel="category tag">Services Guide</a></li>
	<li><a href="http://smallvoid.com/articles/windows-vista/" title="View all posts in Windows Vista">Windows Vista</a>/<a href="http://smallvoid.com/articles/windows-vista/services/" title="View all posts in Services Guide" rel="category tag">Services Guide</a></li>
	<li><a href="http://smallvoid.com/articles/windows-7-win7/" title="View all posts in Windows 7 / Win7">Windows 7 / Win7</a>/<a href="http://smallvoid.com/articles/windows-7-win7/services-guide/" title="View all posts in Services Guide" rel="category tag">Services Guide</a></li>
	<li><a href="http://smallvoid.com/articles/windows-8-win8/" title="View all posts in Windows 8 / Win8">Windows 8 / Win8</a>/<a href="http://smallvoid.com/articles/windows-8-win8/services-guide/" title="View all posts in Services Guide" rel="category tag">Services Guide</a></li></ul>	</div>

	<p style="text-align:right;font-weight:bold;font-size:90%;">Updated: 13 December 2012</p>
	


<div class="post">
<a name="respond"></a>
<h4>Leave a comment</h4>

	<form action="http://smallvoid.com/wp-comments-post.php" method="post" id="commentform">
	<p><input type="text" name="f5787a85955927a52210ec23119fbc0f" id="author" value="" tabindex="1" class="catenasirpowotyp" /></p>

	<div class="content">
	<br/>
	<p><b>NB!</b> Use the <a href="/forum/">Forum</a> for computer help and off-topic questions.</p>

	<p><input type="text" name="888430de21ad43b95ed34d769a8ab1e7" id="author" value="" size="22" tabindex="1" />
	<label for="author"><small>Name (required)</small></label></p>

	<p><input type="text" name="4421f6a34bdee008ef55e32e70b8ad8d" id="email" value="" size="22" tabindex="2" />
	<label for="email"><small>Mail (will not be published) (required)</small></label></p>

	<p><input type="text" name="101f49d4152ea836f90b30aa324837df" id="url" value="" size="22" tabindex="3" />
	<label for="url"><small>Website</small></label></p>


	<p><small>You can use these tags: &lt;a href=&quot;&quot; title=&quot;&quot;&gt; &lt;abbr title=&quot;&quot;&gt; &lt;acronym title=&quot;&quot;&gt; &lt;b&gt; &lt;blockquote cite=&quot;&quot;&gt; &lt;code&gt; &lt;em&gt; &lt;i&gt; &lt;strike&gt; &lt;strong&gt; </small></p>

	<p><textarea name="02d5850e7929de9709c7e14ef93270d1" id="comment" cols="100%" rows="10" tabindex="4"></textarea></p>

	<p><input name="submit" type="submit" id="submit" tabindex="5" value="Submit Comment" />
	<input type="hidden" name="comment_post_ID" value="555" /></p>
	</div>
<p></p>
</form>
</div>

	</div>

	
	</div>

<!-- ### footer starts ### -->
<div id="footer">&nbsp;
</div>
<!-- ### footer ends ### -->

<!-- 12 queries. 0.455 seconds. -->

</div>  <!-- Wrapper -->

<!-- wpscanner -->

</body></html>
0