Skip to main content
montyadams
Staff
montyadams
Staff
August 5, 2025

Technical Tip: Understanding Diffie-Hellman Groups and IKEv1 vs IKEv2 in FortiGate VPNs

  • August 5, 2025
  • 1 reply
  • 15409 views
Description This article describes the role of Diffie-Hellman groups in IPsec VPN key negotiation and highlights the differences between IKEv1 and IKEv2. It includes best practices for selecting key exchange parameters on FortiGate devices.
Scope FortiGate devices are configured with IPsec VPNs using IKEv1 or IKEv2 protocols for site-to-site or remote access.
Solution

Diffie-Hellman Groups.

Diffie-Hellman (DH) groups are the key-exchange strength setting used in IKE (Phase 1) and optionally for PFS in ESP (Phase 2). Both peers must have at least one matching group.

Diffie-Hellman groups define the cryptographic strength used during key exchange. Larger group numbers offer higher security but may increase CPU load.

 

Group Type Bits Usage Recommendation
1 MODP 768 Deprecated
2 MODP 1024 Basic compatibility (weak)
5 MODP 1536 Legacy use
14 MODP 2048 Minimum recommended
19 ECP 256 Modern, efficient
20 ECP 384 High security
21 ECP 521 High security
31 Curve25519 256 Strong and efficient

 

IKEv1 vs IKEv2 Comparison:

 

Feature IKEv1 IKEv2
Exchange Mode Main or Aggressive Single mode
Message Count 6+ 4
NAT Traversal Supported More efficient
MOBIKE (Mobility) Not supported Supported
Crash Recovery No Yes
Re-key Support Manual Built-in
Cert Handling Manual Integrated
Recommended Use Legacy compatibility Modern deployments

 

Note: FortiGate is not compatible with MOBIKE devices for IKEv2.

 

CLI Example: IKEv2 with DH Group 20:

 

config vpn ipsec phase1-interface     edit "vpn-to-remote"         set interface "wan1"         set ike-version 2         set dhgrp 20         set proposal aes256-sha256         set psksecret ENC xxxxxxxx         set remote-gw 198.51.100.1     next end

 

CLI example: IKEv1 with DH Group 5:

 

config vpn ipsec phase1-interface     edit "vpn-legacy"         set interface "wan1"         set ike-version 1         set dhgrp 5         set proposal 3des-sha1         set psksecret ENC xxxxxxxx         set remote-gw 192.0.2.10     next end

 

Key notes:

  • Groups 1, 2, 5 → Legacy, avoid unless absolutely required for backward compatibility.

  • Group 14 (MODP 2048) → Baseline safe if elliptic curve groups are not available.

  • Groups 19 & 20 (ECP) → Elliptic curve groups, efficient and recommended.

  • Group 21 (MODP 3072) → Stronger than 14 but heavier; still considered acceptable if ECC is not usable.

  • Group 31 (Curve25519) → Modern and highly recommended for both security and performance.

 

On FortiGate, when configuring IPsec Phase 1 or 2, it is best practice to select Groups 14, 19, 20, or 31, depending on the peer's compatibility.

 

Best practices:

  • Use IKEv2 for all new deployments due to protocol efficiency, crash recovery, and better EAP and mobility support.
  • Group 14 is the minimum recommended DH group. Group 19 or 31 is preferred for stronger security and performance.
  • Verify compatibility with third-party vendors when changing DH groups.

 

GUI Configuration Path:

      1 reply

      GILMENDO
      Staff & Editor
      GILMENDO
      Staff & Editor
      August 5, 2025

      great job monty!

      Terms & ConditionsAccessibility statement