What is IKE?

anaheim99 · Post by **anaheim99** » Tue Jan 13, 2004 6:11 pm

Hello all, I'm just starting to learn VPN and want to know what does or what is IKE on VPN? Thanks in advance to all.

cyberskye · Post by **cyberskye** » Wed Jan 14, 2004 12:21 pm

IKE handles authentication and negotiation (which encryption scheme will be used) for IPSec. You could also use SKIP as an alternative but IKE is sorta standard.

Sorta like tcp/ip ... IKE/IPSec or SKIP/IPSec

Post by **YeOldeStonecat** » Wed Jan 14, 2004 12:24 pm

Stands for "Internet Key Exchange".

anaheim99 · Post by **anaheim99** » Wed Jan 14, 2004 4:41 pm

thanks for the reply fellows, one more thing I dont understand here, if IKE hadles the authentication and encryption then what does ISAKMP do? Sorry for the stupid question.

cyberskye · Post by **cyberskye** » Wed Jan 14, 2004 11:32 pm

IKE is the combination of two protocols.

InternetSecurityAssociation_and_KeyManagementProtocol
and
Oakley

As I stated above, IKE provides two functions - negotiation and key exchange.

ISAKMP handles the negotiation (read up on SA, or Security Association) which determines encrypt alogorithms among other things

Oakley handles the key exchange.

It may seem anal, but there are so many point in the 'grapevine' that can be attacked.

Welcome to the flexible world of IPSec.

I would recommend a good book on IPSec and VPNs in general before trying anything. "Inside Network Perimeter Security", NewRiders, is a good book by the SANS folks.

Cheers,

Skye