Windows 2000/XP/2003 machines have a built-in IP security mechanism called IPSec (IP Security). IPSec is a protocol that's designed to protect individual TCP/IP packets traveling across your network by using public key encryption. Besides encryption, IPSec will also let you protect and configure your server/workstation with a firewall-like mechanism.

When working on a single computer, you can easily set up and assign IPSec Policies either from the Command Prompt by using the NETSH command, or from an MMC console that's loaded with the IP Security snap-in. However, when working with more than one computer, you might need a better way than going through each computer and re-configuring the IPSec Policy. What is needed is a method for using the same IPSec Policy on multiple computers, or at least for having the same policy set up on a number of computers.

One method of configuring many computers to use the same IPSec Policy is to configure IPSec Policies through GPO. However, in this article we will use the second method: exporting the IPSec Policy to an .IPSEC file, then importing this file to other computers.

There are 2 methods for exporting and importing IPSec Policies:

Method 1 - Using the GUI

Export

- Open an MMC window (Start / Run / MMC)
- Add the IP Security and Policy Management Snap-in
- In the Select which computer this policy will manage window select the local computer. Click Close then click OK
- Right-click IP Security Policies in the left pane of the MMC console. Select All Tasks and then Export Policies
- File is now ready for importing, either by the GUI or by using NETSH

Important Security Warning: Exporting IPSec Policies to a file might reveal passphrases used by various IPSec Policies. However, if you're using Kerberos or Digital Certificates in your IPSec Policies, then there is no security issue.

Import

- In the same MMC as before, right-click IP Security Policies in the left pane of the MMC console and select All Tasks and then Import Policies
- Browse to the location where you saved the file, give it a name and select Open
- Your IPSec Policy is now ready and you can easily assign it by right-clicking and selecting Assign

Method 2 - Using NETSH

Open a Command prompt and type:

Export

netsh ipsec static exportpolicy c:\temp\ipsec_policy.ipsec

Import

netsh ipsec static importpolicy c:\temp\ipsec_policy.ipsec
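
The export and import steps above combined into one script that also handles the exported file with the security warning in mind. This is an added example, not part of the original article. It assumes an English-language system where the netsh ipsec context and cacls are available, and the policy name "Example Policy" is a hypothetical placeholder.

```batch
@echo off
rem Added example, not from the original article.
rem Assumptions: the file path matches the article's example, and
rem "Example Policy" is a hypothetical policy name (substitute your own).
setlocal
set "POLICY_FILE=C:\temp\ipsec_policy.ipsec"
set "POLICY_NAME=Example Policy"

if /i "%~1"=="export" goto :export
if /i "%~1"=="import" goto :import
echo Usage: %~nx0 export ^| import
exit /b 1

:export
netsh ipsec static exportpolicy file="%POLICY_FILE%"
rem Check for the file itself instead of relying on netsh's exit code.
if not exist "%POLICY_FILE%" (echo Export failed: %POLICY_FILE% not created & exit /b 1)
rem The export may contain passphrases, so replace the file's ACL with
rem Administrators-only access. cacls asks for confirmation; "echo y" answers it.
echo y| cacls "%POLICY_FILE%" /G Administrators:F
echo Exported to %POLICY_FILE%. Transfer it over a protected channel.
exit /b 0

:import
if not exist "%POLICY_FILE%" (echo %POLICY_FILE% not found & exit /b 1)
netsh ipsec static importpolicy file="%POLICY_FILE%"
rem Command-line equivalent of right-clicking the policy and selecting Assign.
netsh ipsec static set policy name="%POLICY_NAME%" assign=yes
rem Display the policy so the operator can confirm what was imported.
netsh ipsec static show policy name="%POLICY_NAME%"
rem Delete the transfer copy so any passphrases do not stay on disk.
del /q "%POLICY_FILE%"
exit /b 0
```

Run it with `export` on the source computer and with `import` on each target after copying the file to the same path.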