In active directory I create two organization units, one of them has IPSec enabled to all computers and other not. in IPSec settings for first OU, create rule permit access the computers in second OU.
I can ping computers in first OU using Computer in second OU.
I can see Shared files in computers belong to Second OU using computers in First OU.
problem is I can't access any UNC path from first OU (IPSec enabled) in second OU. computers in second OU can reach themselves UNC paths.
M.Alizadeh