Share via

Why is the "Ike and AuthIP IPsec Keying Modules" Service Set to Automatic (Trigger Start)

Anonymous
2023-09-24T23:55:30+00:00

I've noticed a service running in Task Manager called "Ike and AuthIP IPsec Keying Modules", and although it wasn't really consuming any resources, I wanted to check what it was in the Services list

the Service on my Windows 10 Pro 22h2 computer is set to Automatic (Trigger Start); however, I'm reading that the default startup type for this Service is Manual, and it's also set to Manual (Trigger Start) on my Windows 11 Home system.

not sure if this is the literal service it's connected to, but the IPsec Policy Agent Service does not run on either system, it's set to "Manual (Trigger Start)". I sort of understand what this Service does, but I'm just confused why it is set to Automatic (Trigger Start) when I've never really mingled with startup types before?

Windows for home | Windows 10 | Security and privacy

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2023-11-22T02:32:14+00:00

    sorry for the late reply; you say the Default startup type for the IKE and Authip Service is Automatic, yet for me it was always set to Manual

    I know this because the Service Control Manager event stated that the Service was changed from "demand start to auto start"

    there were no events before or after that that said "the Service was changed from auto start to demand start"

    my issue is that I did nothing to trigger it, or the Firewall event that corresponded to the Service changing. there were no Updates visible in System

    in the Windows Firewall with Advanced Security > ConnectionSecurity log, there are 5 events that happened at the exact same time as the IKE Service swapping from Manual to Automatic, all related to Xbox Live:

    "A phase 1 crypto set was added to IPsec Settings" (SetID was Xbox Live phase 1, Origin was Dynamic, and there was 1 NumSuite)

    "A phase 2 crypto set was added to IPsec Settings" (SetID was Xbox Live phase 2, Origin was Dynamic, and there was 1 NumSuite)

    "An authentication set has been added to IPsec Settings" (SetID was Xbox Live auth, Origin was Dynamic, and there were 3 NumSuite)

    "A main mode rule has been added in the IPsec Settings" (RuleID was Xbox Live security realm, Rule Name was 'Mainmode Rule for Security Realm ID', and there was 257 Flags)

    "A connection security rule was added to IPsec settings" (RuleID was Xbox Live security realm, Rule Name was 'Consec Rule for Security Realm ID', the Action was 'Require authentication for inbound and outbound connections')

    that's the general summary of the 5 events that occurred in that log. I do not have an Xbox, nor do I use XboxLive, and GameBar is disabled on my PC although I know Windows still has a fair amount of Xbox-related features

    5 people found this answer helpful.
    0 comments
  2. Anonymous
    2023-09-25T05:28:41+00:00

    Hello, Welcome to Microsoft Community.

    Thanks for your feedback, The "Ike and AuthIP IPsec Keying Modules" service is responsible for negotiating and managing Internet Protocol Security (IPsec) keys and security associations for the computer. This service is set to Automatic (Trigger Start) by default on Windows 10 and Windows 11 because it is required for IPsec to function properly. The trigger start feature allows the service to start automatically when it is needed, but it does not consume system resources when it is not in use.

    It is possible that the default startup type for this service was changed on your Windows 10 Pro 22h2 computer, or it may have been set to Automatic (Trigger Start) by a software installation or update. However, it is recommended to keep this service set to its default startup type to ensure that IPsec functions properly and your computer remains secure.

    If my understanding is wrong, please point it out, so that I can assist you better.

    Lugoo Bei | Microsoft Community Support Specialist

    1 person found this answer helpful.
    0 comments