Hello everybody, i'm getting trouble with WF with Advanced Security. Well, i have members of a domain AD (2008R2 level domain), clients are WIndows 7 SP1 Enterprise x64. I want to create a securrity connection between clients win7 with IPsec, so i did a connection security Rules. I did an isolation (i tried with server-to server too), and i use default authentification : Computer Kerbers v5. I use "Required Inbound and Ask Outbound" for all. i create same rules for all clients that i need to communicate with IPsec. well after that i don't have any connectivity between clients. i can't see any SA in Main Mode. if i change Ipsec default authentification with a pre shared key (not recommanded), or a certificat (with a Root CA) it work very well. so i got a problem with the" Computer Kerberos v5" authentification. but i don't know why. Do you have an idea ? Best Regards,

Hi, Thanks for posting in Microsoft TechNet Forum. I suspect that the IPSec SA negotiation failed, I suggest you collect the information of Event Viewer: Viewing Firewall and IPsec Events in Event Viewer Enabling Audit Events for Windows Firewall with Advanced Security For more information, please kindly refer to the following article: Windows Firewall with Advanced Security Troubleshooting Guide: Diagnostics and Tools Alex Zhao TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tngfb@microsoft.comPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi Alex, thanks for your reply. Indeed SA negociation failed, anyway i did a roll back of my VMs since it was a lab environnment, and it now works very well with Kerberos Something was wrong somehere in the network configuration :) Regards,