IKEv1

E522215

Internet Key Exchange protocol network security protocol

IKEv1 is the original version of the Internet Key Exchange protocol used to establish secure, authenticated communication channels for IPsec VPNs.

Try in SPARQL Jump to: Surface forms Statements Referenced by

Observed surface forms (2)

Surface form	Occurrences
Internet Key Exchange	4
ISAKMP	1

Statements (47)

Predicate	Object
instanceOf	Internet Key Exchange protocol ⓘ network security protocol ⓘ
abbreviationFor	Internet Key Exchange version 1 NERFINISHED ⓘ
authenticationMethods	digital signatures ⓘ pre-shared keys ⓘ public key encryption ⓘ
category	IPsec key management ⓘ
definedBy	Internet Engineering Task Force NERFINISHED ⓘ
introduced	late 1990s ⓘ
messageTransport	UDP NERFINISHED ⓘ
negotiates	encryption algorithms for IPsec ⓘ integrity algorithms for IPsec ⓘ key lifetimes ⓘ
operatesOver	UDP port 500 ⓘ
phaseStructure	Phase 1 for IKE SA establishment ⓘ Phase 2 for IPsec SA negotiation ⓘ
provides	authentication ⓘ key establishment ⓘ security association negotiation ⓘ
purpose	establish secure communication channels for IPsec ⓘ perform key exchange for IPsec VPNs ⓘ provide mutual authentication between IPsec peers ⓘ
relatedSpecification	RFC 2407 NERFINISHED ⓘ RFC 2408 NERFINISHED ⓘ
scope	peer-to-peer VPN tunnels ⓘ remote access VPNs ⓘ site-to-site VPNs ⓘ
standardizedIn	RFC 2409 NERFINISHED ⓘ
status	obsoleted by IKEv2 in many deployments ⓘ
successor	IKEv2 NERFINISHED ⓘ
supports	NAT traversal via extensions ⓘ Perfect Forward Secrecy depending on configuration ⓘ aggressive mode ⓘ main mode ⓘ quick mode ⓘ
usedWith	IPsec NERFINISHED ⓘ IPsec VPNs ⓘ
uses	Certificate payloads ⓘ Diffie–Hellman key exchange NERFINISHED ⓘ Hash payloads ⓘ ISAKMP framework ⓘ Identification payloads ⓘ Key Exchange payloads ⓘ Oakley key determination protocol NERFINISHED ⓘ Security Association payloads ⓘ
vulnerabilities	configuration complexity leading to misconfigurations ⓘ susceptible to certain denial-of-service attacks ⓘ

Referenced by (7)

Full triples — surface form annotated when it differs from this entity's canonical label.

IKEv2 → obsoletes → IKEv1 ⓘ

NAT-T → relatedTo → IKEv1 ⓘ

IKE → fullName → IKEv1 ⓘ

this entity surface form: Internet Key Exchange

IKE → basedOn → IKEv1 ⓘ

this entity surface form: ISAKMP

IKE Phase 2 → partOf → IKEv1 ⓘ

this entity surface form: Internet Key Exchange

FFDHE groups → usedInProtocol → IKEv1 ⓘ

this entity surface form: Internet Key Exchange

RFC 2401 → relatedTo → IKEv1 ⓘ

this entity surface form: Internet Key Exchange