locked
IPSec main mode algorithm selection RRS feed

  • Question

  • All,

    I am using windows 2012 server. I have established IPSec connection between two hosts using quick mode. I can see the added SAs for quick mode in windows firewall and advance security. I also set up main mode authentication methods and its also reflecting in the current SAs.

    But when I change the main mode authentication and encryption algorithm to some different algos, its not changing. I have set main mode settings to the custom mode. Still Its always taking SHA1-3DES.

    To create quick mode I followed the following link

    http://www.it.cornell.edu/services/managed_servers/howto/ipsec.cfm

    Is there a good tutorial or any help on this.

    Thursday, May 7, 2015 6:47 AM

Answers

  • Hi,

    First, please make sure that you have added the same custom setting on both side.

    Also, please remember that we need to move these settings to the first place of all settings.

    I have tested in my lab, it works for me.

    For detailed information about how to add the custom settings, please refer to the link below:

    https://technet.microsoft.com/en-us/library/cc811536.aspx

    Best Regards.


    Steven Lee Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Wednesday, May 13, 2015 6:56 AM