IPSEC policies in Windows 2008 R2
Hi
I have configured an IPsec isolation policy on one server that requires authentication for inbound traffic (any protocol) using Kerberos (computer).
Now, all machines that are not members of the domain cannot access the server, and only joined machines can access it.
The thing is, from a domain-joined machine, I cannot ping it! I can access it using any other protocol except ping. If I disable the IPsec rule, the ping comes back! Any clue?
ammarhasayen
March 20th, 2011 5:26pm
Have you tried setting up a specific allow rule for ICMP?
Brian
March 20th, 2011 11:33pm
If I set another rule that requests authentication for inbound and outbound for ICMPv4, ping is back to normal.
My question is: why is my computer (domain joined) not able to authenticate using computer Kerberos for ICMP traffic?
ammarhasayen
March 21st, 2011 3:50am
I find that ICMP typically needs its own rule (more of a stateless protocol).
When you added the separate rule for inbound and outbound IPSec it worked, right?
Brian
March 21st, 2011 8:03am
Yes, thanks Brian. You are always helpful :)
ammarhasayen
March 21st, 2011 11:03am


