Jan, posting this without context is just inflammatory. If it makes you happy, send flame to me personally. The list isn't here to discuss product bugs, postulate on what may be a bug, nor complain about the wording on dialogs.
The news group for Windows 2000 networking functionality in general is: microsoft.public.win2000.networking
Or you can email NTBUGTRAQ to report verified problems or email secure@microsoft.com to get a formal corporate response to a discovered security weakness for any Microsoft product.
This setting is in the advanced properties of the TCPIP properties and allows a local admin to select a default IPSec policy. By default the selection is says in text "Do not use IPSec". This is a local setting which can be overridden by Win2k domain IPSec policy, and by OS components such as L2TP which require IPSec for their operation. And once again, the behavior is documented in online help and elsewhere. The TCPIP properties UI is a quick and easy way for an admin to change between different custom policies that have been created on the local system.
As one of our KB articles notes, we provide the default policies as an example only, for initial testing only - real production use requires your own custom designed IPSec policy.
-----Original Message-----
From: Jan Vilhuber [mailto:vilhuber@cisco.com]
Sent: Tuesday, May 16, 2000 2:01 PM
To: ipsec@lists.tislabs.com
Cc: William Dixon
Subject: more microsoft policy issues?
From an email I just saw going across my desk:
> Even though the "do not use IPSec" is marked in the W2000 configuration the
> W2000 client still uses IPSec. Please note in Windows 2000 build 2195
> Microsoft have decided to use IPSec all the time.
Come on, guys! Please tell me that THIS at least is a bug, and not another one
of those design decisions...
jan
P.S. Caveat: I don't have any idea of build numbers. Maybe 2195 is really old
and this is already fixed...
--
Jan Vilhuber vilhuber@cisco.com
Cisco Systems, San Jose (408) 527-0847