Chapter 2. IKEv2: The Protocol

This chapter takes you through the lifecycle of the Internet Key Exchange version 2. The chapter is structured to provide an overview of IKEv2, then detailed information about each exchange type (SA_INIT, IKE_AUTH, CREATE_CHILD_SA and INFORMATIONAL), so you will have a deep understanding of what is occurring within each.

Understanding the protocol will assist engineers when deploying and troubleshooting the technology, as well as designers making decisions that work when scoping VPN architectures.

This chapter was designed to be accessible, yet also still maintain details from the IKEv2 RFC and minimize output from Cisco-specific technologies to make this relevant if you work in a vendor agnostic environment.

Get IKEv2 IPsec Virtual Private Networks: Understanding and Deploying IKEv2, IPsec VPNs, and FlexVPN in Cisco IOS now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.