Monitor Connection Security Rules - Authentication

Applies To: Windows Server 2008

Monitoring rule authentication

Use this tab to see details about the connection security rule specific to authentication, including the First Authentication and Second Authentication.


Certificate authentication details, such as whether the Accept only health certificates or Enable Certificate to Account mapping options are being used, do not appear here. To view these details, right click the rule from the Connection Security Rules node and then select Properties to view the Connection Security Rules property dialog box.


This refers to the action taken on connections matching the rule criteria.

First Authentication Methods

Both the First and Second Authentication methods happen during the Main Mode phase of Internet Protocol security (IPsec) negotiations. In the First Authentication, you can view how the two peer computers authenticate using the Kerberos version 5 authentication protocol, computer certificates, or a preshared key.

For First Authentication, the Details column displays information for certificates and preshared keys only. For certificates, it displays the issuer details. For a preshared key, the details display the key in plain text.

Second Authentication Methods

For Second Authentication, you can view the user authentication method: either Kerberos version 5, NTLMv2, user certificates, or a computer health certificate.

For Second Authentication, the Details column displays information for certificates only, displaying the certificate issuer details.

Additional references

Authentication Settings

First Authentication

Second Authentication