Windows Firewall: Allow authenticated IPsec bypass

Allows unsolicited incoming messages from specified systems that authenticate using the IPsec transport. If you enable this policy setting you must type a security descriptor containing a list of computers or groups of computers. If a computer on that list authenticates using IPsec Windows Firewall does not block its unsolicited messages. This policy setting overrides other policy settings that would block those messages. If you disable or do not configure this policy setting Windows Firewall makes no exception for messages sent by computers that authenticate using IPsec. If you enable this policy setting and add systems to the list upon disabling this policy Windows Firewall deletes the list. Note: You define entries in this list by using Security Descriptor Definition Language (SDDL) strings. For more information about the SDDL format see the Windows Firewall deployment information at the Microsoft Web site (http://go. microsoft. com/fwlink/?LinkId=25131).

Additional Information

  1. Registry path is:

    HKEY_LOCAL_MACHINE -> SOFTWARE -> Policies -> Microsoft -> Windows -> IPSec -> ICFv4 # BypassFirewall

  2. The Administrative Template path is:

    Network -> Network Connections -> Windows Firewall


* Making mistakes while changing registry values can affect your system adversely. We recommend you to create a System Restore point before making registry manipulation. If you're new to Registry Editor, read this beginner's guide.
** To locate the registry and administrative template path, checkout beginner's guide.
You're here :
Checkout Kapil Sparks™