Article ID: 255857 - Last Review: March 1, 2007 - Revision: 3.6 IPSec Offload Statistics Are Not Available
This article was previously published under Q255857 SYMPTOMS
The netdiag command does not display the IP Security Protocol (IPSec) offload statistics for a network adapter that has IPSec offload capabilities.
CAUSE
The netdiag command queries the IPSec offload statistics from the system, but does not display them.
RESOLUTION A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, submit a request to Microsoft Customer Service and Support to obtain the hotfix. Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site: http://support.microsoft.com/contactus/?ws=support
(http://support.microsoft.com/contactus/?ws=support)
Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.
The English-language version of this fix should have the following file attributes or later:
Date Time Size File name --------------------------------------- 4/4/2000 1:24 PM 84 KB Ipsec.sys WORKAROUND
You can use the following command to determine if an adapter has IPSec offload capabilities and what options it supports:
netsh int ip show offload
The following text is sample output from the command listed above. This sample text shows the offload capabilities of the network adapter (not statistics):
Offload Options for interface "Local Area Connection" with index: 200002:" TCP Transmit Checksum IP Transmit Checksum TCP Receive Checksum IP Receive Checksum Offload Options for interface "Loopback Adapter" with index: 3: Offload Options for interface "Local Area Connection 2" with index: 1000005: IPSEC Raw Crypto IPSEC Combined AH+ESP IPSEC on Transmit for AH IPSEC on Receive for AH IPSEC transport for AH MD5 as AH and ESP algorithm SHA_1 as AH and ESP algorithm IPSEC on Transmit for ESP IPSEC on Receive for ESP IPSEC transport for ESP DES as ESP algorithm 3DES as ESP algorithm Null DES as ESP algorithm STATUSMicrosoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. Microsoft has confirmed that this is a problem in Microsoft Windows 2000. MORE INFORMATION
The netdiag command is available after you install the Microsoft Windows 2000 Resource Kit, which you can install from your Windows 2000 CD-ROM. To install the kit, locate the Support\Tools folder, and then double-click the Setup.exe file. After installation, you may need to run the netdiag command from the %SystemRoot%\Program Files\Support Tools folder. Use the following command to display IPSec statistics:
netdiag /test:ipsec /v
For additional information about how to install Windows 2000 and Windows 2000 hotfixes at the same time, click the article number below
to view the article in the Microsoft Knowledge Base:
249149
(http://support.microsoft.com/kb/249149/EN-US/
)
Installing Microsoft Windows 2000 and Windows 2000 Hotfixes
| Article Translations
|
| United States | Change | | | All Microsoft Sites |
Help and Support
Back to the top
|
