Saturday 14 May 2011

IKEv1 vs IKEv2


IKEv1

UDP port

500

500, 4500

Phases

Phase 1 (6/3 messages) Phase 2 (3 messages)

Phase 1 (4 messages) Phase 2 (2 messages)

Keepalives

No

Yes

Identity Hiding

Yes in main mode, No in aggressive mode

Yes

UDP/NAT

No

Yes

SA Negotiation

Responder selects initiator's proposal

Same as IKEV1, proposal structure simplified

Number of Msgs

6–9

4–8

EAP/CP

No

Yes

No comments:

Post a Comment