Build a Custom IPsec Policy
This section explains how to create a custom IPsec policy to secure traffic between two computers. Building a custom IPsec policy takes three steps:
- Define a security rule
- Configure an IPsec filter list
- Specify the filter action
Define a Security Rule
- Using ComputerA, in the left-side navigation pane of the MMC console window, right-click IP Security Policies on Local Machine, and then click Create IP Security Policy.
The folder named IP Security Policies on Local Machine/Computer is nested within the Local Computer Policy tree. To find the folder, double-click Local Computer Policy, double-click Computer Configuration, double-click Windows Settings, and then double-click Security Settings.
- Click Next.
- Enter Partner as the name of your policy, and then click Next.
- Ensure the Activate the default response rule (earlier versions of Windows only) check box is not selected (it is checked by default), and then click Next.
- Ensure the Edit Properties check box is selected (it is checked by default), and then click Finish.
The Partner Properties dialog box appears.
- In the lower-right corner of the Partner Properties dialog box, ensure the Use Add Wizard check box is selected, and then click Add.
The Security Rule Wizard appears.
- Click Next.
- Ensure This rule does not specify a tunnel is selected (selected by default), and then click Next.
- Ensure All network connections is selected (selected by default), and then click Next.
- To configure the IP Filter List, proceed to the next topic.