Dialog Box: Add or Edit Security Method

Published: January 20, 2009

Updated: January 20, 2009

Applies To: Windows 7, Windows Server 2008 R2

Use this dialog box to configure a security method offer that is available when negotiating main mode security associations. You must specify the integrity, encryption, and key exchange algorithm.

  1. On the Windows Firewall with Advanced Security MMC snap-in page, in Overview, click Windows Firewall Properties.

  2. Click the IPsec Settings tab.

  3. Under IPsec defaults, click Customize.

  4. Under Key exchange (Main Mode), select Advanced, and then click Customize.

  5. Under Security methods, select an algorithm combination from the list, and click Edit or Add.

Select one of the following integrity algorithms from the list.

  • SHA-384

  • SHA-256

  • SHA-1

  • MD5

    CautionCaution
    MD5 is no longer considered secure and should only be used for testing purposes or in cases in which the remote computer cannot use a more secure algorithm. It is included for backward compatibility only.

Select one of the following encryption algorithms from the list.

  • AES-CBC 256

  • AES-CBC-192

  • AES-CBC-128

  • 3DES

  • DES

    CautionCaution
    DES is no longer considered secure and should only be used for testing purposes or in cases in which the remote computer cannot use a more secure algorithm. It is included for backward compatibility only.

Select one of the following key exchange algorithms from the list.

  • Elliptic Curve Diffie-Hellman P-384

  • Elliptic Curve Diffie-Hellman P-256

  • Diffie-Hellman Group 14

  • Diffie-Hellman Group 2

  • Diffie-Hellman Group 1

    CautionCaution
    DH1 is no longer considered secure and should only be used for testing purposes or in cases in which the remote computer cannot use a more secure algorithm. It is included for backward compatibility only.

For more information about any of these algorithms, see IPsec Algorithms and Methods Supported in Windows 129230 (http://go.microsoft.com/fwlink/?linkid=129230).

Community Additions

ADD
Show: