Hello gfeing4935,
I will crosspost this to:
microsoft.public.windows.server.security
Think that will be the better NG.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!!
http://www.blakjak.demon.co.uk/mul_crss.htm
> P.S. I assume this is because of the decurity association idle
> timeout, but does anyone know of a way around this issue?
>
> "gfeing4935" wrote:
>
>> I am experiencing about a 5 minute delay following the reboot of my
>> Windows 2003 and Windows XP IPSec boundary servers/workstations
>> until they can sucessfully communicate with other IPSec boundary
>> machines.
>>
>> Example:
>>
>> 1. Reboot Windows 2003 IPSec boundary machine. The machine is
>> configured in accordance with Microsoft's IPSec Domain and Server
>> Isolation guide as a boundary machine.
>>
>> 2. Wait until server boots to the logon screen and begin a continuous
>> ping to the server from another boundary machine. Start timer.
>>
>> 3. It takes about 5 minutes until the server will successfully answer
>> a ping. During this time you can log onto the server and communicate
>> with the DC (IPSec Exclusion Policy for DCs).
>>
>> 4. 5 minutes pass and ping begins to succeed.
>>
>> Does anyone know why there is a 5 minute delay following a server
>> reboot for Windows 2003 boundary machines to communicate? Is there a
>> known method to lessen the delay? If I remove the IPSec policy from
>> the machine the 5 minute delay following a reboot does not occur.
>>
>> Thank You,
>>
>> Greg
>>
Similar Threads
Linear Mode
