Consider the following scenario:

  • In a network environment, you configure the Internet Protocol security (IPsec) policy to use the tunnel mode.
  • In the IP Filter Properties dialog box of the IPsec policy, you use a subnet address for the Source Address or for the Destination Address.
  • You try to establish the IPsec tunnel-mode connection to a partner computer from a Windows Vista-based computer or from a Windows Server 2008-based computer.

In this scenario, the computer cannot negotiate the security mode with the partner computer. Therefore, you cannot use IPsec to secure the connection.

Leave a Reply