If the rule specifies an Internet Protocol security (IPsec) tunnel, this tab shows information about the tunnel endpoints and whether computer or user authorization is required.

To get to this tab
  1. In the Windows Firewall with Advanced Security MMC snap-in, expand Monitoring, and then expand Connection Security Rules.

  2. Double-click the rule you want to examine, and then click the Advanced tab.

Local tunnel endpoint

If the connection security rule is a tunnel rule, then this indicates the address of the tunnel endpoint that is closest to the local computer, as configured on the Customize IPsec Tunneling Settings dialog box.

If the connection security rule is not a tunnel rule, then None is displayed.

Remote tunnel endpoint

If the connection security rule is a tunnel rule, then this indicates the address of the tunnel endpoint that is farthest from the local computer, as configured on the Customize IPsec Tunneling Settings dialog box.

If the connection security rule is not a tunnel rule, then None is displayed.

Interface types

This indicates the network interface types to which the rule applies, as configured on the Advanced tab of the Connection Security Rule Properties page.

Apply authorization

This indicates whether the use of the tunnel is restricted to only authorized users and computers, as configured on the Customize IPsec Tunneling Settings dialog box. The list of authorized users and computers is configured on the Customize IPsec Tunnel Authorizations dialog box.

Exempt IPsec protected connections

This indicates whether network packets addressed to a computer in Endpoint 2 that are already protected by IPsec are sent through the tunnel. This includes any network packet with an ESP header, including ESP NULL. This setting is configured on the Customize IPsec Tunneling Settings dialog box.

Additional references


Table Of Contents