Delete an IPSec policy
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
To delete an IPSec policy
Create a console containing IP Security Policies. Or, open a saved console file containing IP Security Policies.
Click the policy that you want to remove, click Action, and then click Delete.
When prompted, click Yes.
Important
For Active Directory-based IPSec policy, an IPSec policy might remain active even after the IPSec policy has been deleted. Therefore, you should unassign the IPSec policy before you delete the policy. To prevent problems, use the following procedure:
Unassign the IPSec policy in the Group Policy object.
Wait 24 hours to ensure that the change is propagated.
Delete the IPSec policy.
If you delete the IPSec policy without following this procedure, computers in the Active Directory container to which the IPSec policy is assigned might treat the IPSec policy as if it cannot be located and continue to use a cached copy.
Notes
To manage Active Directory-based IPSec policies, you must be a member of the Domain Admins group in Active Directory, or you must have been delegated the appropriate authority. To manage local or remote IPSec policies for a computer, you must be a member of the Administrators group on the local or remote computer. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure.
To create a console containing IP Security Policies, start the IP Security Policies snap-in. To open a saved console file, open MMC. For more information, see Related Topics.
Information about functional differences
- Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.
See Also
Concepts
Start the IP Security Policy Management snap-in
Open MMC
Add, edit, or remove IPSec policies
Refresh the list of IPSec policies
Working with MMC console files