Channel: Network Infrastructure Servers forum

Windows Firewall Authorized users (remote users)


Good afternoon, sorry for my English.
I have a problem associated with the firewall, or rather with user authorization through a rule.

I have a test environment consisting of 3 hosts.

HostDc (Windows Server 2012 R2 + AD)
Host SRV-ACCESS (Windows Server 2012 R2)
Host B (Windows Server 2012 R2)

I am using a local policy that establishes an IPsec connection between HostA and Host B. It uses the following IPsec settings:
1. IP Filter

2. Filter Action

3. Authentication method - Kerberos

4. Tunnel Setting - This rule does not specify an IPsec tunnel

5. Connection Type - All network connections

Then I see that the IPsec connection is established between the two hosts. I capture the traffic and see that it is marked as ESP.


Then I turn off the firewall on host A. On Host B I create a rule.

Then I run the ping command on Host B to host SRV-ACCESS and I see that all requests are received by the host.

After that I added the user MSK\Administrator to the rule for user authorization. After that, I log on to host SRV-ACCESS as the user MSK\Administrator and run the ping command, but the packets do not reach host B.


I turn on Auditpol and see these entries:

Filtering Platform Windows packages IP-block connections.
Event ID 5157
Information about the application:
Process ID: 4
Application Name: System

For information about the network:
Direction: Inbound
Source Address: 192.168.20.2
Source Port: 8
Destination Address: 192.168.20.1
Port of Destination: 0
Protocol: 1

Filter Information:
ID filter performance: 72388
Name Level: Get / Take
ID performance levels: 44
---------------------------------------------------------------------------------------------------------------------------------------------
The Windows Filtering Platform has blocked a packet.
Event ID 5152
Information about the application:
Process ID: 4
Application Name: System

For information about the network:
Direction: Inbound
Source Address: 192.168.20.1
Source Port: 0
Destination Address: 192.168.20.2
Port of Destination: 8
Protocol: 1

Filter Information:
Code execution filter: 72388
Name Level: Get / Take
Code execution level: 44
---------------------------------------------------------------------------------------------------------------------------------------------

I cannot seem to figure out how to make this work properly for domain users.
I did not find a single article on the Internet on how to set up authorization of a user; I found only articles about how to do authentication of the computer. So my question is whether it is possible in Windows Firewall to use user authentication inside the local domain. If it is possible, please tell me what I'm doing wrong.

Thank you in advance for your reply.

