Use this dialog box to add, edit, change priority, or remove the algorithm combinations that are available for key exchange during main mode negotiations. You can specify more than one algorithm combination and you can assign the order in which the combinations are tried. The first combination in the list that is compatible with both peers will be used.
Note | |
A best practice is to list the algorithm combinations in order of highest security at the top to lowest security at the bottom. This way, the most secure algorithm in common between the two negotiating computers is used. The less secure algorithms can be used for backward compatibility. |
How to get to this dialog box |
On the Windows Firewall with Advanced Security MMC snap-in page, in Overview, click Windows Firewall Properties.
Click the IPsec Settings tab.
Under IPsec defaults, click Customize.
Under Key exchange (Main Mode), select Advanced, and then click Customize.
Security methods
Security methods are combinations of integrity algorithms and encryption algorithms that protect the key exchange. You can have as many combinations as you need and you can arrange them in preferred order in the list. The combinations are attempted in the order in which they are displayed. The first set to be agreed upon by both peer computers is used. If the peer computer cannot use any of the combinations you define, the connection attempt fails.
Some algorithms are supported only by computers running this version of Windows. For more information, see
To add a combination to the list, click Add to use the Add or Edit Security Method dialog box.
To reorder the list, select a combination, and then click the up or down arrows.
Note | |
As a best practice, order the combinations from highest security at the top of the list to lowest security at the bottom. This ensures that the most secure method that both peers can support is used. |
Key lifetimes
Lifetime settings determine when a new key is generated. Key lifetimes allow you to force the generation of a new key after a specified time interval or after a specified number of sessions have been protected by using the current key. Using multiple keys ensures that if an attacker manages to gain access to one key, only a small amount of information is exposed before a new key is generated and the network traffic is protected once again. You can specify the lifetime in both minutes and number of sessions. The first threshold reached is used and the key is regenerated.
Note | |
This key regeneration is for main mode key exchange only. These settings do not affect the key lifetime settings for quick mode data protection. |
Minutes
Use this setting to configure how long the key used in main mode security association lasts, in minutes. After this interval, a new key is generated. Subsequent main mode sessions use the new key.
The maximum lifetime is 2,879 minutes (48 hours). The minimum lifetime is 1 minute. We recommend that you rekey only as frequently as your risk analysis requires. Excessively frequent rekeying can impact performance.
Sessions
A session is a distinct message or set of messages protected by a quick mode SA. This setting specifies how many quick mode key generating sessions can be protected using the same main mode key information. After this threshold is reached, the counter is reset, and a new key is generated. Subsequent communications will use the new key. The maximum value is 2,147,483,647 sessions. The minimum value is 0 sessions.
A session limit of zero (0) causes the generation of a new key to be determined only by the Key lifetime (in minutes) setting.
Use caution when setting very different key lifetimes for main mode and quick mode keys. For example, setting a main mode key lifetime of 8 hours and a quick mode key lifetime of 2 hours might leave a quick mode SA in place for almost 2 hours after the main mode SA has expired. This occurs when the quick mode SA is generated shortly before main mode SA expiration.
Important | |
The higher the number of sessions allowed per main mode key, the greater the chance of the main mode key being discovered. If you want to limit the number of times this reuse occurs, you can specify a quick mode key limit. |
Security Note | |
To configure main mode perfect forward secrecy (PFS), set Key lifetime in sessions to 1. Although this configuration provides significant additional protection, it also carries a significant computational and network performance penalty. Every new quick mode session regenerates the main mode keying material, which in turn causes the two computers to reauthenticate. We recommend that you enable PFS only in environments where IPsec traffic might be exposed to sophisticated attackers who might try to compromise the strong cryptographic protection provided by IPsec. |
Key exchange options
Use Diffie-Hellman for enhanced security
Windows Vista and later versions of Windows support Authenticated IP (AuthIP) in addition to Internet Key Exchange (IKE) for establishing the initial secure connection in which the rest of the IPsec parameters are negotiated. IKE uses Diffie-Hellman exchanges only. When AuthIP is used, no Diffie-Hellman key exchange protocol is required. Instead, when Kerberos version 5 authentication is requested, the Kerberos version 5 service ticket secret is used in place of a Diffie-Hellman value. When either certificate authentication or NTLM authentication is requested, a transport level security (TLS) session is established, and its secret is used in place of the Diffie-Hellman value.
If you select this check box, then a Diffie-Hellman exchange takes place regardless of the authentication type selected, and the Diffie-Hellman secret is used to secure the rest of the IPsec negotiations. Use this when regulatory requirements specify that a Diffie-Hellman exchange must be used.