telecom • networking • design

an EventHelix.com blog

IKE v2 Based VPN Establishment

1 Comment

Learn how IKEv2 signaling is used to establish an IPSec VPN tunnel.

IKE performs mutual authentication between two parties and establishes an IKE security association (SA) that includes shared secret information that can be used to efficiently establish SAs for Encapsulating Security Payload (ESP) or Authentication Header (AH) and a set of cryptographic algorithms to be used by the SAs to protect the traffic that they carry.

An example of IKEv2 handshake and an IPSec tunnel transport is illustrated with the sequence diagram. You can click on IKE messages in the sequence diagram to see field level details.

The following sequence of Virtual Private Network (VPN) setup are covered:

  1. A ping triggers establishment of the IKEv2 security association.
  2. An IPSec tunnel is setup with a Child Security Association setup handshake.
  3. The ping data gets transported over the IPSec tunnel.

IKEv2 Based IPSec VPN Establishment

Advertisements

One thought on “IKE v2 Based VPN Establishment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s