Monitored Quick Mode Security Associations

  • Article

Applies To: Windows 7, Windows Server 2008 R2

A quick mode negotiation establishes a secure channel between two computers to protect user data exchanged between them. During quick mode negotiation, keying material is refreshed or, if necessary, new keys are generated. A protection suite that protects the IP data traffic is also selected. The exchange of information required to negotiate a quick mode SA is performed within the context of the main mode SA. After the quick mode SA is established, then the two computers can exchange network packets within the context of the quick mode SA. There is only one main mode SA between a pair of computers, but there can be many quick mode SAs. Monitoring quick mode SAs can provide information about which peers are currently connected to this computer, and which protection suite is protecting the data exchanged between them. Separate SAs are created for Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6) connections.

To get to this view

  1. In the Windows Firewall with Advanced Security MMC snap-in, expand Monitoring, expand Security Associations, and then click Quick Mode.

The following information is available in the table view of all quick mode SAs. To see the information for single quick mode SA, double-click the item in the list.

Quick mode SA information

You can add, remove, reorder, and sort by these columns in the Results pane:

  • Local IP address: The local IP address.

  • Local port: The TCP or UDP port of the local computer used in the filter.

  • Remote IP address: The IP address of the remote computer or peer.

  • Remote port: The TCP or UDP port of the remote computer used in the filter.

  • Protocol: The protocol specified in the filter.

  • AH integrity: The AH protocol-specific data integrity method used for peer communications.

  • ESP integrity: The ESP protocol-specific encryption method used for peer communications.

  • ESP confidentiality: The ESP protocol-specific encryption method used for peer communications.

Any user account can be used to complete this procedure.

To add, remove, or reorder a column

  1. Right-click in a blank area in the Results pane for the Quick Mode folder, select View, and then click Add/Remove Columns.

  2. In the Add/Remove Columns dialog box, from the Available columns list, select the column you want to view, and then click Add. You can select only one column name at a time.

  3. You can also select columns that you do not want to view. From the Displayed columns list, click Remove. You can select only one column name at a time.

  4. To reorder the columns, from left to right, select a column in the Displayed columns list, and then click Move Up or Move Down. You can select only one column name at a time.

  5. When you are finished, click OK. The view will change to reflect your preferences.

Additional references