Article ID: 234580 - View products that this article applies to.
This article was previously published under Q234580
This article has been archived. It is offered "as is" and will no longer be updated.
This article describes how to allow or prevent communication between secure and unsecured computers.
The IP Security (IPSec) Policy's negotiation policy can either allow or disallow unsecured traffic. When two computers that support IPSec communicate with each other, they establish security associations that are determined through negotiation of the Internet Security Association and Key Management Protocol (ISAKMP) and IPSec Policy rules. If either of two computers does not support IPSec, they must communicate without security, which is called a "soft association". Downlevel clients do not support IPSec communication and cannot communicate unless soft associations are permitted.
IPSec-Aware Computers Trying to Communicate with Non-IPSec-Aware Computers
Non-IPSec-Aware Computer Trying to Communicate with IPSec-Aware Computer