Here's the article to get it all done properly, rather than just blatting out all the IPsec and firewall-related stuff *en masse*
http://support.microsoft.com/kb/921469 Although 2008 R2 isn't listed, these all appear to work OK on it On 8 June 2011 09:51, James Rankin <[email protected]> wrote: > There must be something about posting to this list that gets my brain, or > my Google-powers, into gear. Maybe it's just reading through my own problem > again in a linear fashion. Anyway, I found me an answer.... > > *auditpol.exe /set /SubCategory:"MPSSVC rule-level Policy > Change","Filtering Platform policy change","IPsec Main Mode","IPsec Quick > Mode","IPsec Extended Mode","IPsec Driver","Other System Events","Filtering > Platform Packet Drop","Filtering Platform Connection" /success:disable > /failure:disable > > * > On 8 June 2011 09:44, James Rankin <[email protected]> wrote: > >> Anyone have any idea why, when I turn on "audit object access" on my >> Windows 2008 R2 servers, my security logs get swamped with event id 5156 >> "the Windows Filtering Platform has permitted a connection"? I found a >> reference to turning off audit subcategories by using this command >> -*auditpol /set /subcategory:"Filtering Platform Connection" /success: >> disable >> /failure: disable* - but that only works for plain 2008, not 2008 R2. >> Anyone know how to get around this, or what command I could use to disable >> it? >> >> >> TIA, >> >> >> >> >> JRR >> >> -- >> "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into >> the machine wrong figures, will the right answers come out?' I am not able >> rightly to apprehend the kind of confusion of ideas that could provoke such >> a question." >> >> *IMPORTANT: The information in this email is CONFIDENTIAL. If its >> contents are disclosed in any way my lawyers will swoop down from black >> helicopters like Seal Team Six and drag you away with a black bag over your >> head. They will then take you to a secret prison and make you fight to the >> death with other people who dared to share this email. You will be given a >> large bowie knife and a supply of methamphetamines while I watch the said >> deathmatch and wager vast sums of money on who will be the winner. If the >> fight becomes boring or there is a stalemate, I will release rabid dogs and >> my two-stone cat into the arena to liven things up a bit. If these animals >> become in any way docile, I will squirt them with water pistols until they >> become a bit more temperamental.* >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> > > > > -- > "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into > the machine wrong figures, will the right answers come out?' I am not able > rightly to apprehend the kind of confusion of ideas that could provoke such > a question." > > *IMPORTANT: The information in this email is CONFIDENTIAL. If its contents > are disclosed in any way my lawyers will swoop down from black helicopters > like Seal Team Six and drag you away with a black bag over your head. They > will then take you to a secret prison and make you fight to the death with > other people who dared to share this email. You will be given a large bowie > knife and a supply of methamphetamines while I watch the said deathmatch and > wager vast sums of money on who will be the winner. If the fight becomes > boring or there is a stalemate, I will release rabid dogs and my two-stone > cat into the arena to liven things up a bit. If these animals become in any > way docile, I will squirt them with water pistols until they become a bit > more temperamental.* > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." *IMPORTANT: The information in this email is CONFIDENTIAL. If its contents are disclosed in any way my lawyers will swoop down from black helicopters like Seal Team Six and drag you away with a black bag over your head. They will then take you to a secret prison and make you fight to the death with other people who dared to share this email. You will be given a large bowie knife and a supply of methamphetamines while I watch the said deathmatch and wager vast sums of money on who will be the winner. If the fight becomes boring or there is a stalemate, I will release rabid dogs and my two-stone cat into the arena to liven things up a bit. If these animals become in any way docile, I will squirt them with water pistols until they become a bit more temperamental.* ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
