MZ@ !L!This program cannot be run in DOS mode. $Rؕ3}3}3}H̴3}H̱3}Rich3}PEL!  <P@:.rsrc@<@@p0H1km n8oPphqsuwz{}~(@Xp0H`x 8Ph(@Xppq0H ` x     8 P &h ' ~ 9 : x( y@ X  p                        0  @  P  `  p                        0  @  P  `  p                        0  @  P  `  p                      0 @ P ` p             0 @ P `x0 ,\#$X4().137N0: <;BF|LJLM"QS$T6UY\BT_b0evgtjmrTlv y}f,4Hbr04`< ԯ"x$,Xlj.: f$:`@p h%,-8/13t:>AAC4GMUIR3 /+xb@I$)+ MUIen-US@H=Select Computer or DomainMS Shell DlgPThe computer this console is running on PD Local compu&ter P! ?T&he Active Directory domain of which this computer is a member P1 Another Active Directory &domain (Use the full DNS name or IP address): PP A&nother computer:P"?qP"]qX]2B&rowse...@HGeneralMS Shell DlgP P+ oGeneral propertiesP*rP9>p&Name:PDP_q&Description:DPijȐ Key Exchange Security MethodsMS Shell DlgP P2uProtect identities during authentication with these security methods.P-rP3|Security &method preference order: P?ZSysListView32List1P?2A&dd...PQ2&Edit...Pc2&RemovePz2Move &upP2Move d&ownP2OKP2Cancel@H=MS Shell DlgH| IDC_INFORMATIVETEXT: this field set at runtime to the appropriate informative stringPNa&me:P P &Description:DP,=@H=Security Rule WizardMS Shell DlgPtWelcome to the Create IP Security Rule WizardPt&A security rule governs how and when security is invoked based upon criteria, such as the source, destination, and type of IP traffic, in the security rule's IP filter list.PtIA security rule contains a collection of security actions that are activated when a communication matches the criteria in the IP filter list.Pt- Filter actionsPt|- Authentication methods Ptr- IP tunneling attributes PthSecurity actions:PtTo continue, click Next.@H=Security Rule WizardMS Shell DlgPtSelect the network type: P PAll network &connections P <&Local area network (LAN) P) =&Remote access H7p >&Specific Adapter Type:!H"FbOȀ xIKE Security AlgorithmsMS Shell DlgPir&Integrity algorithm:!Pj+P's&Encryption algorithm:!P1j+PE}t&Diffie-Hellman group:!POj+ZP8c2OKPoc2CancelHw %Key LengthHRoundsHw.%Key LengthH>Rounds@H =Security Rule WizardMS Shell DlgPtSet the initial authentication method for this security rule: P 6Active Directory &default (Kerberos V5 protocol) P MUse a &certificate from this certification authority (CA): PV NUse this &string to protect the key exchange (preshared key):P%*P*28B&rowse...DP%d,7X%I w&Enable certificate to account mappingX%= xE&xclude the CA name from the certificate requestPA@H=Security Rule WizardMS Shell DlgPtIf no IP filter in the following list matches your needs, click Add to create a new one.P&IP filter lists:P(R:SysListView32List1P(2.&Add...P;2/&Edit...PM20&RemovePA@H=Filter Action WizardMS Shell Dlg P dP&ermit P eB&lock P cNegotiate &securityPA@H=Filter Action WizardMS Shell Dlg P c&Do not allow unsecured communication. P' Allow &unsecured communication if a secure connection cannot be established.P!5Use this option if there are computers on your network that do not support IPsec or have an incompatible IPsec configuration. Allowing unsecured communication may expose your network to security risks.P!QOn a computer with Windows Vista or a later version of Windows, this option allows unsecured communication to be sent anytime a secure connection cannot be established.P!lOn a Windows 2000, Windows XP, or Windows 2003 computer, this option allows unsecured communications to be sent only when the remote computer does not support IPsec.PDo you want to allow communication with computers that do not support IPsec?@H=Filter Action WizardMS Shell DlgPtWelcome to the IP Security Filter Action WizardPt'Use this wizard to specify properties for a new filter action.Pu= A filter action sets the security requirements for a data transfer. These requirements are specified in a list of security methods contained in the filter action.Pvd(Data transfer is only possible when the computers involved use the same security methods. Multiple security methods increase the chance that two computers will use the same method.PtTo continue, click Next.@H=IP Filter WizardMS Shell DlgPtWelcome to the IP Filter WizardPt2This wizard helps you provide the source, destination, and traffic-type information needed to filter IP traffic.PtZ You can add multiple filters to build an IP filter list that matches on IP packets for multiple source or destination computers, or for many different traffic types.PtTo continue, click Next.@H=Filter Action WizardMS Shell DlgPtThis filter action requires at least one security method for IP traffic. P BInt&egrity and encryption P.u A&Integrity only PHi &Custom P!"Data will be encrypted, authenticated, and unmodified.P!:Data will be authenticated and unmodified, but will not be encrypted. P!T2@&Settings...@̐=IP Filter ListMS Shell DlgP P,tAn IP filter list is composed of multiple filters. In this way, multiple subnets, IP addresses and protocols can be combined into one IP filter.P #(rP &F&Name:P 1P C&&Description:DP N P smIP Filter&s: P }(GSysListView32List1P<2&Add...PN2&Edit...P`2&RemoveP2OKP2CancelPqC Use Add &WizardPA@H=IP Filter WizardMS Shell DlgP&Source address:!P XP#O&IP address:Pk $HPMirr&ored. Match packets with the exact opposite source and destination addresses.@H=IP Filter WizardMS Shell DlgP&Destination address:!P SP#OIP add&ress:Pk @H=IP Filter WizardMS Shell DlgP&Select a protocol type:!P! CG P!C7Phmsctls_updown32Spin1PA@H=Filter Action WizardMS Shell DlgPu^ Edit &propertiesPtCompleting the IP Security Filter Action WizardPt%You have successfully completed the IP Security Filter Action Wizard.Pt>To edit your filter action now, select the Edit properties check box, and then click Finish.PtmTo close this wizard, click Finish.PA@H=Security Rule WizardMS Shell DlgPtf Edit &propertiesPt Completing the Security Rule WizardPt+You have successfully completed specifying the properties for your new rule.PtDTo edit your security rule now, select the Edit properties check box, and then click Finish.PtmTo close this wizard, click Finish.PA@H=IP Security Policy WizardMS Shell DlgPt\M Edit &propertiesPtCompleting the IP Security Policy WizardPt,You have successfully completed specifying the properties for your new IP Security policy.PtCTo edit your IP Security policy now, select the Edit properties check box, and then click Finish.PtmTo close this wizard, click Finish.PA@H=IP Filter WizardMS Shell DlgPtd Edit &propertiesPtCompleting the IP Filter WizardPt+You have successfully completed the IP Filter Wizard.PtDTo edit your IP filter now, select the Edit properties check box, and then click Finish.PtmTo close this wizard, click Finish.PA@H=Security Rule WizardMS Shell DlgPtIf no filter action in the following list matches your needs, click Add to create a new one. Select Use Add Wizard to create a filter action using the wizard.PFilter A&ctions:P(R;SysListView32List1P(21&Add...P;22&Edit...PM23&RemovePB Use Add &WizardPA@H RulesMS Shell DlgP P+uSecurity rules for communicating with other computersP-rP2z&IP Security rules:)P>SysListView32List1P2A&dd...P>2&Edit...Pw2&RemovePC Use Add &WizardPA@H IP Filter ListMS Shell DlgP P2tThe selected IP filter list specifies which network traffic will be affected by this rule.P-rP3zIP Filter &Lists:P@:SysListView32List1P2.A&dd...P?2/&Edit...Pw20&RemoveHC Use Add &WizardPA@H Filter ActionMS Shell DlgP P2 zThe selected filter action specifies whether this rule negotiates for secure network traffic, and how it will secure the traffic.P-rP3z&Filter Actions:P@;SysListView32List1P21A&dd...P?22&Edit...Pw23&RemovePC Use Add &WizardPA@H Tunnel SettingMS Shell DlgP P2"{The tunnel endpoint is the tunneling computer closest to the IP traffic destination, as specified by the associated IP filter list. It takes two rules to describe an IPsec tunnel.P9r PA E&This rule does not specify an IPsec tunnel. PQ 5Tunnel endpoints are specified by these &IP addresses:P_yIPv4 tunnel endpoint:Pid<<IP Edit control>>P}zIPv6 tunnel endpoint:P<<IP Edit control>>H2)Advanced...PA@H Authentication MethodMS Shell DlgP P2 sThe authentication method specifies how trust is established between the computers. P-r P6 6Active Directory &default (Kerberos V5 protocol) PE MUse a &certificate from this certification authority (CA): P NUse this &string (preshared key):PRPR28&Browse...DPK7Xd xE&xclude the CA name from the certificate requestXp w&Enable certificate to account mapping@HConnection TypeMS Shell DlgP P2qThis rule only applies to network traffic over connections of the selected type.P-r P6 PAll &network connections PF <&Local area network (LAN) PU =&Remote access Hcp >&Specific Adapter Type:!HrbOȀKey Exchange SettingsMS Shell DlgP Master key &perfect forward secrecy (PFS)P?63 mi&nutes P15P?RY y&session(s) PN5IPk2&Methods...P_Protect identities with IKE security methods:P{PInternet Key Exchange (IKE) for Windows.PJointly developed by Microsoft and Cisco Systems, Inc.P2OKP2CancelP% vAuthenticate and generate a new key after every:PC xAuthenticate and generate a new key after every:@HSecurity MethodMS Shell Dlg P BInt&egrity and encryption P( A&Integrity only PK &CustomPData will be encrypted and verified as authentic and unmodified.P5Data will be verified as authentic and unmodified, but will not be encrypted.PX2@&Settings...ȀWarningMS Shell DlgPP$ Warning!DPrPf &Do not show warning againP2&YesP2&NoPAȀCustom Security Method SettingsMS Shell DlgPtSpecify the settings for this custom security method.P Data and address integrity without encryption (&AH) :P &Integrity algorithm:#P,Z2P; hData integrity and en&cryption (ESP):PFI&ntegrity algorithm:#PPZ2P`s&Encryption algorithm:!PjZ2P}1Session key settings:Pb &Generate a new key every:PF5&Kbytes P2Pa Gene&rate a new key every:P&seconds P2P2OKP2Cancel@HSecurity MethodsMS Shell Dlg P dPer&mit P eB&lock P c&Negotiate security:HiOffer these security methods when negotiating with another computer.P*g&Security method preference order: P4ZSysListView32List1P42A&dd...PF2&Edit...PX2&RemovePo2Move &upP2Move d&ownP A&ccept unsecured communication, but always respond using IPsec$PAllo&w fallback to unsecured communication if a secure connection can not be establishedP Use session &key perfect forward secrecy (PFS)@H Manage IP Filter ListsMS Shell DlgP P2tThis dialog box allows you to create and maintain the IP filter lists that define your network traffic.P3 uThe available IP filter lists are shared by all IP Security policies.P9rP=zIP Filter &Lists:PGy:SysListView32List1P2.A&dd...P?2/&Edit...Pw20&RemovePA@H GeneralMS Shell DlgP P+ oIP Security policy general propertiesP-rP1>p&Name:P<POq&Description:DPZ8PK&Check for policy changes every: P(JP1YLminute(s)P2&Settings...PPerform key exchange using additional settings:PA@H=IP Security Policy WizardMS Shell DlgPsWelcome to the IP Security Policy WizardPs2#This wizard helps you create an IP Security policy. You will specify the level of security to use when communicating with specific computers or groups of computers (subnets), and for particular IP traffic types.PtTo continue, click Next.@H=Security Rule WizardMS Shell DlgP{An IPsec tunnel allows packets to traverse a public or private network with the security level of a direct, private connection between two computers. PtSpecify the tunnel endpoint for the IP Security rule: P&  E&This rule does not specify a tunnel P5 5The tunnel endpoint are specified by the following &IP addresses:P%CyIPv4 tunnel endpoint:P%Md<<IP Edit control>>P%azIPv6 tunnel endpoint:P%k<<IP Edit control>>PA@H=IP Security Policy WizardMS Shell DlgP!Note: The default response rule is supported only on computers that are running Windows 2003 and Windows XP.$P= Activate the default &response rule (earlier versions of Windows only). PThe default response rule responds to remote computers that request security, when no other rule applies. To communicate securely, the computer must respond to requests for secure communication. PA@H AddressesMS Shell DlgPD&Source address:!PXP &O&IP address:Pc$PRI&Destination address:!P]SP tOIP add&ress:Pcq$PMirr&ored. Match packets with the exact opposite source and destination addresses.@H ProtocolMS Shell DlgPSelect a &protocol type:!PCG P!C7PZ! msctls_updown32Spin1P7kSet the IP protocol port: PD &From any port PQ F&rom this port: P!\C Pr &To any port P T&o this port: P!C@HDescriptionMS Shell DlgPtSpecify a name or brief description for the IP filter.P#rP*&Description:DP51@H Manage Filter ActionsMS Shell DlgP P2tThis dialog box allows you to create and maintain the filter actions that define the security of your network.P3 uThe available filter actions are shared by all IP Security policies.P9rP=z&Filter Actions:PGy;SysListView32List1P21A&dd...P?22&Edit...Pw23&RemovePC Use Add &WizardPA@H=IP Filter WizardMS Shell DlgPSet the IP protocol port: P &From any port P F&rom this port: P!%C P; &To any port PI T&o this port: P!UC@HGeneralMS Shell DlgP P+ oSpecify a name and detailed description for the filter action.P*rP9>&Name:PDP_&Description:DPij@H Authentication MethodsMS Shell DlgP P2#tAuthentication methods specify how trust is established between computers. These authentication methods are offered and accepted when negotiating security with another computer.P-rP5Authentication &method preference order: P?ZSysListView32List1P?2A&dd...PQ2&Edit...Pc2&RemovePz2Move &upP2Move d&own@H =IP Security Policy WizardMS Shell DlgPtSet the initial authentication method for this security rule: P 6Active Directory &default (Kerberos V5 protocol) P MUse a &certificate from this certification authority (CA): PW NUse this &string to protect the key exchange (preshared key):P%-P-28B&rowse...DP%d,7X%J w&Enable certificate to account mappingX%> xE&xclude the CA name from the certificate requestPA@@=IP Filter WizardMS Shell DlgP&Description:DP1$Pm&Mirrored. Match packets with the exact opposite source and destination addresses.Ȁ=IP Filter WizardMS Shell Dlg$PMirr&ored. Match packets with the exact opposite source and destination addresses.3Create and edit Internet Protocol Security policiesIP Security Policy ManagementSize (from IDS_SIZE)Type (from IDS_TYPE)Local ComputerInternet Protocol Security (IPsec) Administration. Manage IPsec policies for secure communication with other computers. Portions of IPsec and related services were jointly developed by Microsoft Corporation and Cisco Systems, Inc.Microsoft CorporationSecurity PoliciesFilter ActionsAvailable security policiesAvailable filter actionsDFilter action links, each containing associations to IP filter listsAssociated Filters IP FiltersAvailable IP FiltersICMPTCPUDPRAWDESMD5SHA1 Are you sure?AnyInvalidNew IP Filter ListNew IP Security PolicyNew Filter ActionEYou must enter a port number that is in the range of 0 through 65535.(A valid IP filter list must be selected.'A valid filter action must be selected. ESP IntegrityNone@The following error occurred when removing IP Security data. %1The IPsec policy data could not be saved because you do not have administrative permissions (you must be a member of the Administrators group). As a result, data might have been lost. (Error = %1!lx!)<None> 40 bit DES3DESLow (1) Medium (2) High (2048)IKEdThe tunnel endpoint name resolved to multiple IP addresses. The first address returned will be used.ZThe tunnel endpoint name could not be resolved. No IP address information could be cached.(Unable to verify integrity (Error = %lx)Integrity verifiedjYou must enter a value that is in the range of 300 seconds (5 minutes) through 172,800 seconds (48 hours).wYou must enter a value that is in the range of 20,480 kilobytes (20 MB) through 2,147,483,647 kilobytes (2,097,152 MB).3Default response (earlier versions of Windows only) L2TP Base L2TP ExtendedYesNoAllLAN Remote access9A data error has occurred. The interface type is unknown.3This rule no longer has a valid IP filter selected., with policy storage iThe IPsec policy storage container could not be opened. No domain controller can be found for the domain.uThe IPsec policy storage container could not be opened. Communication with Active Directory could not be established.The IPsec policy storage container could not be created. You might not have administrative permissions (you must be a member of the Administrators group). For the IPsec policy storage container to be created, you must have administrative permissions.The IPsec policy storage container could not be opened. You might not have administrative permissions (you must be a member of the Administrators group). For the IPsec policy storage container to be opened, you must have administrative permissions.ZThe IPsec policy storage container could not be opened. The following error occurred: %1.TypeESP ConfidentialityName DescriptionEncryption and IntegrityIntegrity onlyCustom&Create IP Security Policy...Creates an IP Security policy.&Import Policies...3Imports IP Security policy information from a file.PA&Export Policies...;Exports information for all IP Security policies to a file.New Security MethodEdit Security MethodDRefreshes IPsec policy information from the policy storage location.Invalid &Un-assign6Un-assigns this policy (attempts to make it inactive).&Assign1Assigns this policy (attempts to make it active).IP Filter List Filter ActionAuthentication MethodsTunnel EndpointConnection TypePAKA data error has occurred. No IP filter has been associated with this rule.MA data error has occurred. Multiple IP filters are associated with this rule. AH Integrity Compression Encryption IntegrityThe selected IP filter list is currently being used by this rule. Select a different IP filter list before attempting to remove it.The selected filter action is currently being used by this rule. Select a different filter action before attempting to remove it.A data error has occurred. <Dynamic><None>Policy AssignedNew Rule Edit RuleWSelect a certification authority (CA) you want to use when verifying IPsec certificatesLThere was an error in displaying the trusted root certification authorities.ExportManage IP Filter ListsIP Security Policies on %1Active DirectoryFeature not implemented.IA data error has occurred. No filter action is associated with this rule. <Integral> <Dynamic><Data Error: Unknown type>Kerberos Certificate Preshared KeyDynamicPA&Restore Default PoliciesDRestores the default IP Security policies to their initial settings.VThe default IP Security policies were successfully restored to their initial settings.!You must select AH, ESP, or both.Diffie-Hellman Group9This filter action requires at least one security method.ZNo ESP encryption or integrity algorithm was selected. The ESP selection has been removed.An IPsec policy has been provided by the domain controller. Domain provided policy overrides policy assigned on the local (or remote) computer.KAllowing unsecured communication may expose your network to security risks by allowing IP traffic to be sent with no authentication or encryption. On a computer with Windows Vista or a later version of Windows, this option allows unsecured communication to be sent anytime a secure connection cannot be established. On a Windows 2000, Windows XP, or Windows 2003 computer, this option allows unsecured communications to be sent only when the remote computer does not support IPsec. Are you sure you want to allow unsecured communication when secure communication cannot be established?Enable unsecured communication?YYou must enter a number that is greater than zero in the host portion of this IP address.\You must enter a number that is greater than zero in the network portion of this IP address.The IPsec policy is assigned, but the IPsec service is not running. You must start the 'IPsec Services' service to activate the assigned policy.TPolicy is assigned, but it is being overridden by Active Directory-assigned policy. PACreate IPsec Security policyAdd IPsec Security Rule<Enter the name and description of the new IP Security policyQThere was an error retrieving the distinguished name string from the certificate.kSelect the certification authority that you require for IPsec authentication when using this security rule.The default ""Anybody"" IP filter could not be found, probably because it was explicitly removed. You can either continue without this filter, or a new one can be generated for you. If you choose to restore the default filter the IPsec Responder, Lockdown, and Secure Initiator policies will also be restored to their initial settings. Do you want to restore the default policies?sA filter must be selected for this IPsec policy. The default Any rule was removed, so you must select another rule.Add a filter action-&Manage IP filter lists and filter actions...PA+Manages IP filter lists and filter actions.)Manage IP filter lists and filter actions"<This value appears to be invalid> Hos&t name:&IP Address or Subnet: &Host name:Cached IP Address:<None>AnyOther My IP AddressAny IP AddressA specific DNS NameA specific IP Address or SubnetA specific IP SubnetPA8Select which computer or domain this snap-in will manageBThe source address has been adjusted by the specified subnet mask.GThe destination address has been adjusted by the specified subnet mask."A source DNS name must be entered.'A destination DNS name must be entered.UThe source DNS name resolved to multiple IP addresses. The first one is being cached.ZThe destination DNS name resolved to multiple IP addresses. The first one is being cached.UThe source DNS name could not be resolved. No IP address information is being cached.ZThe destination DNS name could not be resolved. No IP address information is being cached.mIP security cannot be triggered by port 500 traffic. Port 500 is used by Internet Key Exchange (IKE) traffic. IP FilterMirroredDestination DNS NameDestination AddressPAProtocol Source PortDestination PortSource DNS NameSource Address Description:When this console is saved the location will also be savedA filter action requires at least one security method for negotiation. This filter action has none. Select a different one, or add a security method.kThe currently selected filter action has been deactivated because at least one security method is required.uThis IP filter list is empty. It will not match IP packets. Do you want to save this filter list without any filters?GYou must enter a protocol number that is in the range of 0 through 255.kYou cannot use a multicast address for a subnet or for both the source address and the destination address.cAn IP filter list requires at least one filter to be activated. This IP filter list has no filters.Set the name and description.5This is an invalid mask for the specified IP address.7The source and destination address can not be the same.&CloseThe settings you have selected correspond to a %1 security level. Your security method's type will be changed to reflect this state.1DNS names are only used to build IP address filters. To ensure security, do not add, delete, or change source or destination IP addresses without updating this filter list and verifying that all IP addresses for a computer are included. Do you want to create a filter for each of the listed addresses? Security Warning]This security method duplicates an existing one. Either modify it, or cancel this dialog box.IP Add&ress or Subnet:EGPHMPXNS-IDPRDPRVD(%1)'s generated filter actionFSpecify how this policy responds to requests for secure communication.cTo add multiple authentication methods, edit the default response rule after completing the wizard.4The security rule must be applied to a network type.[To add multiple authentication methods, edit the security rule after completing the wizard.YSelect the IP filter list for the type of IP traffic to which this security rule applies.0Select the filter action for this security rule.jSpecify whether this rule indicates that the computer should act as a tunnel server or as a tunnel client.The tunnel endpoint is the tunneling computer closest to the IP traffic destination, as specified by the security rule's IP filter list.Set the filter action behavior.aCommunicating with computers that do not support IPsec may expose your network to security risks.Specify a security method for IP traffic. To add multiple security methods, edit the filter action after completing the wizard.Add an IP filter.-Specify the source address of the IP traffic.2Specify the destination address of the IP traffic.PApSelect the IP protocol type. If this type is TCP or UDP, you will also specify the source and destination ports.SMany TCP/IP application protocols are established with well-known TCP or UDP ports.bYou must enter a number that is greater than zero in the first octet of this IP address or subnet.^You must enter a number that is less than 240 in the first octet of this IP address or subnet.6A multicast address is not valid for a tunnel address.CThe loopback address (127.0.0.1) is not valid for a tunnel address.IP Filter List WarningyThe description for the destination IP subnet is being changed to "%1" because the subnet mask does not specify a subnet.tThe description for the source IP subnet is being changed to "%1" because the subnet mask does not specify a subnet.&You must enter a remote computer name.Kerberos is valid only when this rule is enabled on a computer which is a member of a domain. This computer is not a member of a domain. Do you want to continue and save these rule properties?Key Lifetimes (KB/sec) %1!i! / %2!i!Edit Authentication MethodNew Authentication MethodOThere was a problem refreshing policies. Continue refreshing? (Error = %1!lx!)&FinishYou must enter a domain name.qAn error occurred attempting to assign a restored default policy. You must specify the assigned policy manually.An error occurred during the attempt to refresh the IPsec policy. The policy might have been deleted or the connection to the IPsec policy storage location might have been lost. (Error = %1!lx!)<Name this IP Security policy and provide a brief descriptionIP Security Policy Name!Requests for Secure Communication+Default Response Rule Authentication MethodTunnel Endpoint Network TypeAuthentication MethodIP Filter List Filter ActionFilter Action NamePA8Name this filter action and provide a brief description.Filter Action General Options6Communicating with computers that do not support IPsecIP Traffic SecurityIP Traffic SourceIP Traffic DestinationIP Protocol TypeIP Protocol PortKThe version of the IPsec policy in the IPsec policy storage location is an earlier version (%d.%d) than that expected (%d.%d). As a result, this component might not function correctly. Default settings will be used for any IPsec policy data that is not found in the policy storage location. You should upgrade the policy version.The version of the IPsec policy in the IPsec policy storage location is a later version (%d.%d) than expected (%d.%d). As a result, this component might not function correctly, and some of the policy data in the policy store will be ignored. You should upgrade this component.The version of the IPsec policy in the IPsec policy storage location is not supported. The IPsec policy in the policy storage is version (%d.x). This component only supports version (%d.x). You must upgrade this component for the stored IPsec policy to function correctly. 8No policy storage was found for the specified provider. aNo IPsec policy version information was found. As a result, IPsec policies cannot be retrieved. The version of the IPsec policy in the IPsec policy storage location is not supported. The IPsec policy in the policy storage is version (%d.x). This component only supports version (%d.x). You must upgrade this component for the stored IPsec policy to function correctly. KActive Directory does not contain a shared certificate store. When configuring Active Directory-based IPsec policy to use certificate authentication, you must ensure that each domain member has an appropriate certificate installed. Do you want to select a certification authority from the certificate store on the local computer? You must type a name.PAThe network connection to the IPsec policy storage location was lost. Close all open dialog boxes. Do you want to attempt to reconnect to the IPsec policy storage location now? Certification authorityMethodDetails-You must browse for a certification authority You must specify a preshared key*You must specify an authentication method.MThe IP filter lists cannot be removed because one or more of them are in use.XThe selected IP filter actions cannot be removed because one or more of them are in use.3Key exchange requires at least one security method.+IP Filter Description and Mirrored propertyUse the Description field to specify a name or a detailed explanation of the IP filter. Select the Mirrored check box to specify a filter in each direction.Last Modified Time%1 (%2)CSoft security associations are not allowed for IPsec tunnel policy.DNS Servers <dynamic>WINS Servers <dynamic>DHCP Server <dynamic>Default Gateway <dynamic>Internet Proxy Server <dynamic>PA HTTP ProxyZYou can only select a dynamic address for the source or for the destination, not for both.GPO Name PrecedenceOU&View..., NThe loopback address (127.0.0.1) is not a valid source or destination address.<Destination IP version does not match the source IP version.YesNosESP with encryption and no authentication is no longer supported. Use integrity (MD5 or SHA1) with the ESP format.IThe DNS name '%1' could not be resolved. You must enter a valid DNS name.GThe following source IP addresses were found for DNS name '%1': %2.KThe following destination IP addresses were found for DNS name '%1': %2., Out of memory.+You must enter a name for the IPsec policy.>You must enter a number that is in the range of %1 through %2.`The number of minutes is invalid. You must enter a number that is in the range of %1 through %2.jThis key exchange security method duplicates an existing one. Either modify it, or cancel this dialog box.IThe IP filter lists could not be removed, due to the following error: %1.KThe IP filter actions could not be removed, due to the following error: %1.eYou cannot add more security methods. The maximum number of security methods have already been added.You cannot add more key exchange security methods. The maximum of %d key exchange security methods have already been added to the list.There is already a preshared key in the list of authentication methods. A rule cannot have multiple preshared keys as the authentication methods.6This authentication method duplicates an existing one.1Conversion of unicode to multibyte string failed.IPsec Policy Files All FilesVerdana12Certificate to account mapping is not allowed on computers that are not members of a domain. IPsec negotiations that use certificate mapping will fail. This option is being disabled for this method. Other methods that use this option should be edited to ensure correct IP Security behavior for this policy. When closing this dialog box, click OK to ensure that this option is properly disabled for this method.PA?The following error occurred when saving IP Security data: %1?The following error occurred when loading IP Security data: %14The operation failed due to the following error. %1tThe following error occurred when loading IP Security rule data. Some of the IP Security rules may be corrupted. %1<None>0IP address or subnet specification is not valid.Invalid addressPADEnter a valid IPv4 address, IPv6 address, or a subnet specification.Invalid character-Enter a valid IPv4 or IPv6 address or subnet.Invalid addressr%d filters were skipped in this filter list because they use features that are not compatible with this interface.Some filters were skipped~MD5 and DES are considered to be insecure algorithms and their use is not recommended. Are you sure that you want to use them?Importing policies may take several minutes or longer. Canceling this process or closing this program before import finishes could result in policy corruption. Do you want to continue?The default response rule is not valid on Windows Vista. It is valid only on earlier versions of Windows. Do you want to activate it?%1%2%37004VS_VERSION_INFO@%@%?StringFileInfo040904B0LCompanyNameMicrosoft Corporationt&FileDescriptionIP Security Policy Management Snap-inr)FileVersion6.3.9600.16384 (winblue_rtm.130821-1623)2 InternalNameIPSECSNP.LegalCopyright Microsoft Corporation. All rights reserved.JOriginalFilenameIPSECSNP.DLL.MUIj%ProductNameMicrosoft Windows Operating SystemBProductVersion6.3.9600.16384DVarFileInfo$Translation PADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPAD