
Internet Key Exchange

IKE is a protocol that performs authentication between two endpoints to establish a security association.

The security association established by the Internet Key Exchange is used to carry control plane and data plane traffic for IPsec.

There are two versions of IKE: Internet Key Exchange version 1, as defined in RFC 2409, and Internet Key Exchange version 2, as defined in RFC 7296.

Internet Key Exchange version 2 is an improvement over version 1. It can offer certificate-based authentication using EAP, anti-denial-of-service protection, and fewer messages overall to establish a security association.
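Both versions share the same fixed 28-byte header, so a captured datagram can be classified as IKEv1 or IKEv2 from its version byte and exchange type. The following is an added example, not part of the original page; it assumes the input is the UDP payload of a port 500 packet (no NAT-T marker), and the function name and sample headers are constructed for illustration.

```python
import struct

# Fixed header common to IKEv1 (ISAKMP) and IKEv2: initiator SPI,
# responder SPI, next payload, version, exchange type, flags,
# message ID, total length. Network byte order, 28 bytes.
IKE_HEADER = struct.Struct("!8s8sBBBBII")

# Exchange type values per major version (RFC 2408/2409 and RFC 7296).
EXCHANGE_TYPES = {
    1: {2: "Identity Protection (Main Mode)", 4: "Aggressive Mode",
        5: "Informational", 32: "Quick Mode"},
    2: {34: "IKE_SA_INIT", 35: "IKE_AUTH",
        36: "CREATE_CHILD_SA", 37: "INFORMATIONAL"},
}

def classify_ike(datagram: bytes) -> dict:
    """Parse the IKE header and report which IKE version sent it."""
    if len(datagram) < IKE_HEADER.size:
        raise ValueError("shorter than the 28-byte IKE header")
    (init_spi, resp_spi, _next_payload, version, exchange,
     _flags, message_id, length) = IKE_HEADER.unpack_from(datagram)
    major, minor = version >> 4, version & 0x0F  # high nibble = major
    if major not in EXCHANGE_TYPES:
        raise ValueError(f"unsupported IKE major version {major}")
    if length < IKE_HEADER.size:
        raise ValueError("length field smaller than the header itself")
    name = EXCHANGE_TYPES[major].get(exchange, f"unknown ({exchange})")
    return {
        "version": f"IKEv{major}",
        "minor": minor,
        "exchange": name,
        "initiator_spi": init_spi.hex(),
        # An all-zero responder SPI marks the first message of a negotiation.
        "first_message": resp_spi == bytes(8),
        "message_id": message_id,
        "truncated": length > len(datagram),
    }

# Constructed sample headers (header only, no payloads, length = 28).
SAMPLE_V1 = IKE_HEADER.pack(bytes(range(1, 9)), bytes(8), 0, 0x10, 2, 0x00, 0, 28)
SAMPLE_V2 = IKE_HEADER.pack(bytes(range(1, 9)), bytes(8), 0, 0x20, 34, 0x08, 0, 28)

if __name__ == "__main__":
    for sample in (SAMPLE_V1, SAMPLE_V2):
        print(classify_ike(sample))
```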
