To configure advanced IPsec settings for Phase II

  1. In the console tree of ISA Server Management, click Virtual Private Networks (VPN).
  2. In the details pane, click the Remote Sites tab, and then select the applicable remote IPsec site network.
  3. On the Tasks tab, click Edit Selected Network.
  4. On the Connection tab, click IPsec Settings.
  5. On the Phase II tab, in Encryption algorithm, select one of the following:
  6. In Integrity algorithm, select one of the following:
  7. Select Generate a new key every to limit the amount of time a key is reused before reauthentication is required. Specify the time limit by typing a value in Kbytes, in seconds, or in both fields.
  8. Select Use Perfect Forward Secrecy (PFS) if master key material should not be used to generate more than one session key. Enabling PFS requires reauthentication and, therefore, may affect performance. Then, in Diffie-Hellman group, select one of the following:



web link Get latest ISA Server content at ISA Server Guidance(
Send feedback about this page Send feedback about this page.