MSDTC with IPSEC - Distributed Transactions fail with IPSEC policy - Network

This is a discussion on MSDTC with IPSEC - Distributed Transactions fail with IPSEC policy - Network ; My application was using COM+ over Windows 2000 Server and was communicating with SQL Server 2000 on DB Server using MSDTC. My application needs to support transactions handled by COM+. Recently, I had to move my servers (both application server ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: MSDTC with IPSEC - Distributed Transactions fail with IPSEC policy

  1. MSDTC with IPSEC - Distributed Transactions fail with IPSEC policy

    My application was using COM+ over Windows 2000 Server and was communicating
    with SQL Server 2000 on DB Server using MSDTC. My application needs to
    support transactions handled by COM+.

    Recently, I had to move my servers (both application server hosting COM+
    components & DB server) to Windows 2003. An IPSEC policy has been applied
    that restricts all ports of DB Server to be accessible only from APP Server.
    I find that all those database communications involving transactions (DTC)
    fails when this policy is enabled.

    What is it going wrong here? Any suggestions on policy settings?



  2. Re: MSDTC with IPSEC - Distributed Transactions fail with IPSEC policy

    Offhand I don't know but you can enable advanced logging for ipsec via the
    netsh command to see what traffic is being dropped. I think the info in the
    link below explains how to do this and also much more information on
    troubleshooting ipsec. Information in the mmc snapin for IP Security can
    also give helpful information such as failed security associations I
    believe.

    Steve

    http://www.microsoft.com/technet/sec.../ipsecch7.mspx

    "Dhanashekaran" wrote in message
    news:eSgcv4Z0GHA.4920@TK2MSFTNGP06.phx.gbl...
    > My application was using COM+ over Windows 2000 Server and was
    > communicating
    > with SQL Server 2000 on DB Server using MSDTC. My application needs to
    > support transactions handled by COM+.
    >
    > Recently, I had to move my servers (both application server hosting COM+
    > components & DB server) to Windows 2003. An IPSEC policy has been applied
    > that restricts all ports of DB Server to be accessible only from APP
    > Server.
    > I find that all those database communications involving transactions (DTC)
    > fails when this policy is enabled.
    >
    > What is it going wrong here? Any suggestions on policy settings?
    >
    >




+ Reply to Thread