To work around this issue, use one of the following methods. The methods are listed in order of preference. The following workarounds use the local computer to demonstrate the changes that are needed. You can also use the Group Policy Management Console (GPMC) console to target a Group Policy object (GPO).
Method 1: Change the default authentication method to match the inbox system default, Computer (Kerberos V5)
- Log on to the computer by using an administrator account.
- Open the "Windows Firewall with Advanced Security" Microsoft Management Console (MMC) snap-in. To do this, click Start, type wf.msc in the Start Search box, and then press ENTER.
If you are prompted for an administrator password or for confirmation, type the password, or click
Continue.
- On the Actions pane, click Properties.
- Click the IPsec Settings tab, and then click Customize under IPsec defaults.
- Under Authentication method, click to select the Computer (Kerberos V5) check box.
- Click OK.
Important note After you follow these steps, all connection security rules that use the default authentication method will use Computer (Kerberos V5) for authentication.
Method 2: Change only those connection security rules that use the default authentication method to match the inbox system default, Computer (Kerberos V5)
- Log on to the computer by using an administrator account.
- Open the "Windows Firewall with Advanced Security" MMC snap-in. To do this, click Start, type wf.msc in the Start Search box, and then press ENTER.
If you are prompted for an administrator password or for confirmation, type the password, or click
Continue.
- On the navigation pane, click Connection Security Rules.
- For each rule in the result list, do the following:
- Click to highlight the rule, and then click Properties on the Actions pane.
- On the Authentication tab, click to select the Computer (Kerberos V5) check box under Method.
- Click OK.