To remotely manage IPsec policies, you can use the IP Security Policy Management MMC (Microsoft Management Console) snap-in. To remotely monitor IPsec activity, you can use the IP Security Monitor MMC snap-in.

On Windows Server 2003, but not on Windows XP, you can use the Netsh command to remotely manage IPsec policies and to remotely monitor IPsec activity.

To manage IPsec policies for a remote computer on Windows Server 2003 or Windows XP SP2, you must be an administrator on the remote computer, and remote management must be enabled on the remote computer.

If you are not a member of the Domain Admins group, you, or a group you are a member of, must specifically be added to the remote computers' local Administrators group. A domain administrator can add you or your group using Group Policy Restricted Groups, a Startup script running net localgroup Administrators "DomainName\UserName" /ADD, or a Scheduled Task running net localgroup Administrators "DomainName\UserName" /ADD.

To enable remote management on the remote computer, see How do I enable a remote computer to be remotely managed or monitored?

NOTE: See How can I configure the IP Security Policy Management MMC snap-in to manage IPsec policies for remote computers?

NOTE: See How can I configure the IP Security Monitor MMC snap-in to monitor IPsec activity for remote computers?

NOTE: See How can I use the Netsh command on Windows Server 2003 to remotely manage IPsec policies and to remotely monitor IPsec activity?