Come Together, Right Now: IPsec and VPN Co-Existence

Published 10 November 06 02:10 PM

There's no doubt about; we're big fans of IPsec at Microsoft.  We've baked this enabling protocol into a number of cool solutions (e.g. Server and Domain Isolation and Network Access Protection), but for some this could cause a conflict with a third-party IPsec-based VPN client. In some cases, the VPN client will turn off the Windows implementation of IPsec and disable IKE (the key exchange process). 

To help customers have the flexibility and choice to mix and match Windows IPsec-based network security solutions with their current VPN solution, we've been working with the major remote access vendors to enable co-existence. 

First, we published a guide to help those you develop IPsec-based VPN clients support co-existence scenarios: Recommendations for Virtual Private Network Client Coexistence with the Internet Protocol Security Implementation in Microsoft Windows.

With this guide in hand, we then reached out to all the leading vendors to encourage them to follow these fairly easy steps.  We already have a bunch that are shipping support (see below for some examples) and suggest you urge your IPsec-based VPN vendor to do the same (if they haven't already).

by ianhamer
Filed under:

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

# trustedaccess: Microsoft said on November 14, 2006 2:29 AM:

Here's a quick list of interesting NAP and Domain/Server Isolation related links for November: Ian Hameroff:

# travelling without moving said on November 30, 2006 8:26 PM:

Here's a quick list of interesting NAP and Domain/Server Isolation related links for November: Ian Hameroff:

Leave a Comment

(required) 
(optional)
(required) 

  
Enter Code Here: Required

This Blog

Syndication

Helping reach more people, more of the time

And, now available on TechNet!

Page view tracker