IKE phase 1 and 2

gouki2005gouki2005 Member Posts: 197
I have some confuse here

if i understand well the IKE phase 1 is just for the keys and the peers right authetication and encryptation for the public key and who is the guy in the other side right?

and IKE phase 2 is for the data so now i have a secure path i know the other peer is safe so now i can send my data to the other side with AH or ESP

i am right or wrong?

Comments

  • instant000instant000 Member Posts: 1,745
    Are you trying to say this?
    • ISAKMP Phase 1: The first phase is a “setup” stage where two devices agree on how to exchange further information securely. This negotiation between the two units creates a security association for ISAKMP itself; an ISAKMP SA. This security association is then used for securely exchanging more detailed information in Phase 2.
    • ISAKMP Phase 2: In this phase the ISAKMP SA established in Phase 1 is used to create SAs for other security protocols. Normally, this is where the parameters for the “real” SAs for the AH and ESP protocols would be negotiated.
    Source:

    http://www.tcpipguide.com/free/t_IPSecKeyExchangeIKE.htm
    Currently Working: CCIE R&S
    LinkedIn: http://www.linkedin.com/in/lewislampkin (Please connect: Just say you're from TechExams.Net!)
Sign In or Register to comment.