Thursday, September 1, 2016

McAfee's firewall breaks IPSec authentication

Today I investigated the issue of a certain newly-domain-joined machine not being able to connect to a certain IPSec-authenticated network resource. The computer had McAfee LiveSafe antivirus, which also includes a firewall. When I checked Windows Firewall, the MMC snap-in said the firewall was managed by a McAfee "vendor application." More interestingly, the Connection Security Rules section was blank. Disabling the McAfee firewall did nothing; it was still registered.

I had to uninstall McAfee completely. After a reboot, the Connection Security Rules section was populated appropriately and the connection worked. I'm pretty sure Windows Firewall is responsible for handling CSRs, and since that McAfee firewall doesn't do IPSec, the outbound data wasn't authenticated. Weirdly enough, it seems that McAfee was also causing issues with Group Policy refresh: gpupdate failed with this error (though no GPO used loopback settings), but the error went away after uninstalling McAfee.
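A quick way to check a machine for the symptom described above without opening the MMC snap-in; this is an added example, not something from the original post. It assumes the Connection Security Rules are delivered by Group Policy, that the machine is a Windows client where the `root/SecurityCenter2` WMI namespace exists, and that it is run from an elevated session; the function name is hypothetical.

```powershell
# Added example: compares the connection security rules that Group Policy
# delivered with the ones Windows Firewall is actually enforcing, and lists
# any firewall product registered with Windows Security Center.
function Test-ConnectionSecurityRuleState {
    # Third-party firewalls register themselves here (client editions only).
    $registered = @(Get-CimInstance -Namespace 'root/SecurityCenter2' `
        -ClassName 'FirewallProduct' -ErrorAction SilentlyContinue)

    # RSOP = rules resulting from applied GPOs (assumption: rules come from GPO).
    $gpoRules = @(Get-NetIPsecRule -PolicyStore RSOP -ErrorAction SilentlyContinue)

    # ActiveStore = rules currently in effect on this computer.
    $activeRules = @(Get-NetIPsecRule -PolicyStore ActiveStore `
        -ErrorAction SilentlyContinue | Where-Object { $_.Enabled -eq 'True' })

    # Main-mode security associations exist only after a successful IPsec
    # authentication with some peer.
    $mainModeSAs = @(Get-NetIPsecMainModeSA -ErrorAction SilentlyContinue)

    [pscustomobject]@{
        RegisteredFirewalls = ($registered.displayName -join ', ')
        GpoRuleCount        = $gpoRules.Count
        ActiveRuleCount     = $activeRules.Count
        MainModeSACount     = $mainModeSAs.Count
        # The state from the post: policy defines rules, none are enforced.
        RulesNotEnforced    = ($gpoRules.Count -gt 0 -and $activeRules.Count -eq 0)
    }
}

Test-ConnectionSecurityRuleState | Format-List
```

If Group Policy refresh is failing on the machine as well, the RSOP store may be empty or stale, so a zero `GpoRuleCount` does not rule the problem out.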
