Chapter 6. Advanced IKEv2 Features

IKEv2 is a modular protocol and has the ability to incorporate a number of additional tweaks and features into the protocol itself.

The industry has developed additional features into IKEv2, such as IKEv2 fragmentation that was added after the initial release of the RFC. Prior to the standardization of IKEv2 fragmentation, it was implemented as a Cisco proprietary feature in Cisco IOS.

Cisco has developed a number of other proprietary features that interact with IKEv2 and enhance the architecture of VPNs. IKEv2 allows for the transportation of security group tags (SGT) when using Cisco TrustSec.

Cisco IOS allows for the handling of expired or revoked certificates in a strict manner, allowing for certificates ...

Get IKEv2 IPsec Virtual Private Networks: Understanding and Deploying IKEv2, IPsec VPNs, and FlexVPN in Cisco IOS now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.