Last Published Date: March 28, 2014
Internet Key Exchange
Version 2 (IKEv2), a next-generation key management protocol based on RFC 4306,
is an enhancement of the IKE Protocol. IKEv2 is used for performing mutual
authentication and establishing and maintaining security associations (SAs).
FlexVPN is Cisco's
implementation of the IKEv2 standard featuring a unified paradigm and CLI that
combines site to site, remote access, hub and spoke topologies and partial
meshes (spoke to spoke direct). FlexVPN offers a simple but modular framework
that extensively uses the tunnel interface paradigm while remaining compatible
with legacy VPN implementations using crypto maps.
This guide contains
the following modules:
Configuring Internet Key
Exchange Version 2 (IKEv2) and FlexVPN Remote Access
This module describes
IKEv2 CLI and is divided into basic and advanced sections.
The basic section
introduces basic IKEv2 commands and describes IKEv2 smart defaults and the
mandatory IKEv2 commands required for FlexVPN remote access. This module is a
prerequisite for understanding subsequent chapters.
The advanced section
describes global IKEv2 commands and how to override the default IKEv2 commands.