Hi, I have a windows 2003 domain with ipsec configure between servers. I have some web servers that need to access a sql server via port 1433 and its working fine with the ipsec policy. But I need to exclude one web server to access the sql without ipsec but still have the ipsec enable. I checked "Allow unsecured communication with non-IPSec-aware computers" under Filter Action within the ipsec policy but I am still unable to access the sql server from the web server via port 1433. I update group policy, replicate between domain. The Sql server is on the LAN and Web server is on the DMZ. When I assign the ipsec policy everything works but I need to exclude one web server to do a network trace between web server and the sql server. Thanks in advance

you need to create additional rule for this server and in filter action select "Permit" and don't use 'Negotiate'.http://en-us.sysadmins.lv