Overview of negotiating IKEv2 security associations

The IKEv2 protocol is very similar to IKEv1 in many respects. Both protocols establish SAs in two phases. They first establish an SA that securely carries IKE messages between the peers, and subsequently establish additional SAs to carry the protected ESP or AH traffic. For IKEv2, the SA that carries IKE messages is referred to as the IKE SA, and the SAs for ESP and AH are child SAs.

For IKEv1, the corresponding terms for the two types of SAs are "ISAKMP SA" and "IPSec SA". We use the terms "phase 1 SA" and "phase 2 SA" to refer to the two SA types when the version of IKE is unknown or unimportant.

The message formats defined for IKEv2 are very similar to those for IKEv1. Both formats start with a message header that contains a protocol version field, so a receiving node can receive both types of messages on a single UDP port (by default, port 500), and easily tell whether the message is IKEv1 or IKEv2. Both include variable length payloads of a similar generic format.

The specific content and sequences of messages for IKEv2 are quite different from IKEv1. In IKEv2, all communications consist of pairs of messages: a request and a response. The pair is called an "exchange". The initial exchanges consist of the IKE_SA_INIT exchange and the IKE_AUTH exchange. These two exchanges establish both the IKE SA and the first Child SA. Subsequent exchanges are the CREATE_CHILD_SA exchanges and INFORMATIONAL exchanges, which perform other duties such as establishing additional child SAs and deleting SAs.