About Diffie-Hellman Groups
Fireware supports these Diffie-Hellman groups:
MODP
- Diffie-Hellman Group 1 (768-bit)
- Diffie-Hellman Group 2 (1024-bit)
- Diffie-Hellman Group 5 (1536-bit)
- Diffie-Hellman Group 14 (2048-bit)
- Diffie-Hellman Group 15 (3072-bit)
ECP
- Diffie-Hellman Group 19 (256-bit random)
- Diffie-Hellman Group 20 (384-bit random)
- Diffie-Hellman Group 21 (521-bit random)
In Fireware v12.10 and higher, Fireware supports Diffie-Hellman Group 21.
Diffie-Hellman performance can vary by WatchGuard hardware model. Different models are optimized with different cryptographic acceleration components that affect cryptographic performance.
Both peers in a VPN exchange must use the same DH group, which is negotiated during Phase 1 of the IPSec negotiation process. When you define a manual BOVPN tunnel, you specify the Diffie-Hellman group as part of Phase 1 creation of an IPSec connection. This is where the two peers establish a secure, authenticated channel they can use to communicate.
DH groups and Perfect Forward Secrecy (PFS)
In addition to Phase 1, you can also specify the Diffie-Hellman group to use in Phase 2 of an IPSec connection. Phase 2 configuration includes settings for a security association (SA), or how data packets are secured when they are passed between two endpoints. You specify the Diffie-Hellman group in Phase 2 only when you select Perfect Forward Secrecy (PFS).
PFS makes keys more secure because new keys are not made from previous keys. If a key is compromised, new session keys are still secure. When you specify PFS during Phase 2, a Diffie-Hellman exchange occurs each time a new SA is negotiated.
The DH group you choose for Phase 2 does not need to match the group you choose for Phase 1.
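The following added example (not WatchGuard's or Fireware's code) models the Phase 1 and Phase 2 key schedule described above in Python so the effect of PFS can be seen directly. It assumes a toy 62-bit safe-prime DH group found at import time in place of a real IKE MODP group such as Group 14, and the function names (run_rekeys, replay_from_phase1, child_sa_key) are hypothetical; nothing here is Fireware's actual implementation.

```python
# Added illustration, not WatchGuard's or Fireware's code: a toy IKE-style key
# schedule showing what Phase 2 PFS changes. The DH group is a 62-bit safe prime
# found at import time, far too small for real use; it stands in for an IKE
# MODP group such as Group 14. All function names here are hypothetical.
import hashlib
import hmac
import secrets
from typing import Optional

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n: int) -> bool:
    """Miller-Rabin with fixed bases; deterministic for every n below 3.3e24."""
    if n < 2:
        return False
    for s in SMALL_PRIMES:
        if n % s == 0:
            return n == s
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in SMALL_PRIMES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def next_safe_prime(start: int) -> int:
    """First p >= start with p = 2q + 1 and both p and q prime (so p is 3 mod 4)."""
    p = start + (3 - start % 4) % 4
    while not (is_prime((p - 1) // 2) and is_prime(p)):
        p += 4
    return p


P = next_safe_prime(1 << 62)      # toy modulus; real IKE groups are 2048 bits and up
Q = (P - 1) // 2                  # prime order of the subgroup generated by G
G = 4                             # a square mod P, so it generates the order-Q subgroup
NBYTES = (P.bit_length() + 7) // 8


def dh_keypair():
    priv = 1 + secrets.randbelow(Q - 1)
    return priv, pow(G, priv, P)


def dh_shared(priv: int, peer_pub: int) -> bytes:
    """Shared secret, after rejecting peer values outside the prime-order subgroup."""
    if not 1 < peer_pub < P - 1 or pow(peer_pub, Q, P) != 1:
        raise ValueError("peer public value is not in the expected subgroup")
    return pow(peer_pub, priv, P).to_bytes(NBYTES, "big")


def prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def child_sa_key(sk_d: bytes, nonces: bytes, pfs_secret: Optional[bytes]) -> bytes:
    """Phase 2 keying: with PFS a fresh DH secret is mixed in; without it the SA
    key is a function of Phase 1 material and the public nonces only."""
    seed = nonces if pfs_secret is None else pfs_secret + nonces
    return prf(sk_d, seed)


def run_rekeys(pfs: bool, rekeys: int = 3) -> dict:
    """One Phase 1 exchange, then `rekeys` Phase 2 SA negotiations between peers
    A and B. Returns A's Phase 1 secret, the public transcript and the SA keys."""
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    n1 = secrets.token_bytes(16)                      # constructed Phase 1 nonces
    sk_d_a = prf(n1, dh_shared(a_priv, b_pub))
    sk_d_b = prf(n1, dh_shared(b_priv, a_pub))
    transcript, keys = [], []
    for _ in range(rekeys):
        nonces = secrets.token_bytes(16)              # constructed Phase 2 nonces
        if pfs:                                       # fresh DH exchange per SA
            xa, ya = dh_keypair()
            xb, yb = dh_keypair()
            ka = child_sa_key(sk_d_a, nonces, dh_shared(xa, yb))
            kb = child_sa_key(sk_d_b, nonces, dh_shared(xb, ya))
            transcript.append((nonces, ya, yb))
        else:                                         # keys derived from Phase 1 only
            ka = child_sa_key(sk_d_a, nonces, None)
            kb = child_sa_key(sk_d_b, nonces, None)
            transcript.append((nonces, None, None))
        if ka != kb:
            raise RuntimeError("peers disagree on the SA key")
        keys.append(ka)
    return {"sk_d": sk_d_a, "transcript": transcript, "keys": keys}


def replay_from_phase1(sk_d: bytes, transcript: list) -> list:
    """What a holder of the Phase 1 secret plus the recorded public exchange can
    recompute: every SA key without PFS, none with PFS, because the per-SA DH
    private exponents were never transmitted."""
    return [child_sa_key(sk_d, n, None) if ya is None else None
            for n, ya, _yb in transcript]
```

Without PFS, anyone who later obtains the Phase 1 keying material and has recorded the public nonces can recompute every Phase 2 SA key; with PFS each SA key also depends on a per-SA DH secret that never crossed the wire, which is the property the text describes. The subgroup membership check in dh_shared is the kind of validation a real IKE implementation applies to a peer's public value before using it.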
How to Choose a Diffie-Hellman Group
For branch office VPN tunnels and BOVPN virtual interfaces, the default DH group for both Phase 1 and Phase 2 is Diffie-Hellman Group 14.
If the speed of tunnel initialization and rekey is not a concern, you can use a higher DH group. Actual initialization and rekey speed depends on a number of factors. You might want to try one of the higher DH groups and decide whether the slower performance is a problem for your network. If the performance is unacceptable, change to a lower DH group.