Hinweis
Für den Zugriff auf diese Seite ist eine Autorisierung erforderlich. Sie können versuchen, sich anzumelden oder das Verzeichnis zu wechseln.
Für den Zugriff auf diese Seite ist eine Autorisierung erforderlich. Sie können versuchen, das Verzeichnis zu wechseln.
Updated: January 20, 2009
Applies To: Windows 7, Windows Server 2008 R2
The tables in this topic list the default values for Internet Protocol security (IPsec) settings.
Key exchange
| Settings | Value |
|---|---|
Key lifetimes |
480 minutes/0 sessions* |
Key exchange algorithm |
Diffie-Hellman Group 2 |
Security methods (integrity) |
SHA1 |
Security methods (encryption) |
AES-128 (primary)/3-DES (secondary) |
*A session limit of zero (0) causes rekeys to be determined only by the Key lifetime (minutes) setting.
Data integrity
| Setting | Value |
|---|---|
Protocol |
ESP (primary)/AH (secondary) |
Data integrity |
SHA1 |
Key lifetimes |
60 minutes/100,000 kilobytes (KB) |
Data encryption
| Setting | Value |
|---|---|
Protocol |
ESP |
Data integrity |
SHA1 |
Data encryption |
AES-128 (primary)/3-DES (secondary) |
Key lifetimes |
60 minutes/100,000 KB |
Authentication method
Computer Kerberos version 5 authentication is the default authentication method.
How default settings work with Group Policy
Policies created using the Windows Firewall with Advanced Security snap-in and distributed with Group Policy are applied in this order:
Highest precedence Group Policy object (GPO).
Locally defined policy settings.
Service defaults, as shown in the tables in this topic.