A. A. Its possible to enable logging for IPSec which will result in logs being written to the %systemroot%\debug\oakley.log by performing the following registry change:

  1. Start the registry editor (regedit.exe)
  2. Move to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent
  3. From the Edit menu select New - Key
  4. Enter a name of Oakley and click OK
  5. Select the Oakley key and select New - DWORD value from the Edit menu
  6. Enter a name of EnableLogging
  7. Double click the new value and set to 1
  8. Close the registry editor

Restart the policy agent

C:\&gt; <b>net stop policyagent</b><br>
C:\&gt; <b>net start policyagent</b>