Skip to content

Commit be5efec

Browse files
authored
Update Default key module description for clarity
1 parent 0d6addb commit be5efec

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

docset/winserver2025-ps/NetSecurity/New-NetIPsecRule.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -425,7 +425,7 @@ Specifies that matching IPsec rules of the indicated key module are created.
425425
This parameter specifies which keying modules to negotiate.
426426
The acceptable values for this parameter are: Default, AuthIP, IKEv1, or IKEv2.
427427
428-
- Default: KeyModule is set based on the authentication method. As of Windows 11, version 24H2 and Windows Server 2025, the Default prefers IKEv2, falls back to IKEv1, and only includes AuthIP if the configured authentication method(s) require it. The protocol actually used depends on what the remote peer supports. In previous releases, Default is equivalent to both IKEv1 and AuthIP. This value is required in order for the rule to be applied to computers running Windows versions prior to Windows Server 2008.
428+
- Default: KeyModule is set based on the authentication method. As of Windows 11, version 24H2 and Windows Server 2025, the Default prefers IKEv2, falls back to IKEv1, and only includes AuthIP if the configured authentication method(s) require it. The protocol actually used depends on what the remote peer supports. In previous releases, Default prefers IKEv1 and falls back to AuthIP. This value is required in order for the rule to be applied to computers running Windows versions prior to Windows Server 2008.
429429
- AuthIP: Supported with phase 2 authentication.
430430
- IKEv1: Supported with pre-shared key (PSK), Certificates, and Kerberos. Supported with phase 1 authentication only.
431431
- IKEv2: Not supported with Kerberos or NTLM. Supported with phase 1 authentication only. When used with tunnel mode, the *TunnelType* parameter must be specified.

0 commit comments

Comments
 (0)