IKEv2 - Internet Key Exchange v2
===================================

.. panels::
        :container: container pb-4
        :column: col-lg-12 p-2
        :card: shadow

        **What is IKEv2?**

        A protocol used to establish secure, authenticated communication channels.
        It negotiates and manages Security Associations (SAs) for IPsec.

.. panels::
        :container: container pb-4
        :column: col-lg-12 p-2
        :card: shadow

        **Why is IKEv2 important?**

        * Automates key exchange and security negotiation.
        * Supports mobility, NAT traversal, and is more efficient and reliable than IKEv1.

.. panels::
        :container: container pb-4
        :column: col-lg-12 p-2
        :card: shadow

        **How IKEv2 works (in simple steps):**

        * Initiator sends a request to start a secure session.
        * Responder replies with cryptographic parameters.
        * Both sides authenticate each other using certificates or pre-shared keys.
        * A secure tunnel is established for IPsec traffic.
        * Keys are refreshed periodically to maintain security.

.. panels::
        :container: container pb-4
        :column: col-lg-12 p-2
        :card: shadow

        **Where is IKEv2 used?**

        * VPNs (Remote Access and Site-to-Site)
        * Mobile networks (due to support for MOBIKE)
        * Enterprise security gateways
        * Secure communication over public networks

.. panels::
        :container: container pb-4
        :column: col-lg-12 p-2
        :card: shadow

        **Which OSI Layer does this protocol belong to?**

        * IKEv2 works with IPsec, which secures IP packets directly at Layer 3.
        * It handles negotiation of cryptographic keys and policies for IPsec.

.. panels::
        :container: container pb-4
        :column: col-lg-12 p-2
        :card: shadow

        Topics in this section,

        * :ref:`Learnings in this section <IKEv2_step1>`
        * :ref:`Terminology <IKEv2_step2>`
        * :ref:`Version Info <IKEv2_step3>`
        * :ref:`IKEv2 Version&RFC Details <IKEv2_step5>`
        * :ref:`IKEv2 Basic Setup on Ubuntu using IPv4 <IKEv2_step20>`
        * :ref:`IKEv2 Basic Setup on Ubuntu using IPv6 <IKEv2_step21>`
        * :ref:`IKEv2 Protocol Packet Details <IKEv2_step6>`
        * :ref:`IKEv2 Usecases <IKEv2_step7>`
        * :ref:`IKEv2 Basic Features <IKEv2_step8>`
        * :ref:`IKEv2 Feature : Secure Key Exchange <IKEv2_step9>`
        * :ref:`IKEv2 Feature : Authentication <IKEv2_step10>`
        * :ref:`IKEv2 Feature : Security Associations (SAs) <IKEv2_step11>`
        * :ref:`IKEv2 Feature : Mobility and Multihoming (MOBIKE) <IKEv2_step12>`
        * :ref:`IKEv2 Feature : Session Resumption <IKEv2_step13>`
        * :ref:`IKEv2 Feature : Message Fragmentation <IKEv2_step14>`
        * :ref:`IKEv2 Feature : Traffic Selectors <IKEv2_step15>`
        * :ref:`IKEv2 Feature : Encryption Agility <IKEv2_step16>`
        * :ref:`IKEv2 Feature : Post-Quantum Readiness <IKEv2_step17>`
        * :ref:`IKEv2 Feature : Extensibility via Payloads <IKEv2_step18>`
        * :ref:`Reference links <IKEv2_step19>`

.. _IKEv2_step1:

.. tab-set::

    .. tab-item:: Learnings in this section

        * In this section, you are going to learn

.. _IKEv2_step2:

.. tab-set::

    .. tab-item:: Terminology

        * Terminology

.. _IKEv2_step3:

.. tab-set::

    .. tab-item:: Version Info

        * Version Info

.. _IKEv2_step5:

.. tab-set::

    .. tab-item:: IKEv2 Version&RFC Details

        .. csv-table::
            :file: ./IKEv2/IKEv2_Version&RFC_Details.csv
            :widths: 10,10,10,30
            :header-rows: 1

.. _IKEv2_step20:

.. tab-set::

    .. tab-item:: IKEv2 Basic Setup on Ubuntu using IPv4

        **Setup**

.. _IKEv2_step21:

.. tab-set::

    .. tab-item:: IKEv2 Basic Setup on Ubuntu using IPv6

        **Setup**

.. _IKEv2_step6:

.. tab-set::

    .. tab-item:: IKEv2 Protocol Packet Details

        **IKE_SA_INIT Packet**

        .. csv-table::
            :file: ./IKEv2/IKEv2_packetdetails1.csv
            :widths: 10,20,30,10
            :header-rows: 1

        **IKE_AUTH Packet**

        .. csv-table::
            :file: ./IKEv2/IKEv2_packetdetails2.csv
            :widths: 10,20,30,10
            :header-rows: 1

        **CREATE_CHILD_SA Packet**

        .. csv-table::
            :file: ./IKEv2/IKEv2_packetdetails3.csv
            :widths: 10,20,30,10
            :header-rows: 1

        **INFORMATIONAL Packet**

        .. csv-table::
            :file: ./IKEv2/IKEv2_packetdetails4.csv
            :widths: 10,20,30,10
            :header-rows: 1

.. _IKEv2_step7:

.. tab-set::

    .. tab-item:: IKEv2 Usecases

        .. csv-table::
            :file: ./IKEv2/IKEv2_Use_Cases.csv
            :widths: 10,20,30
            :header-rows: 1

.. _IKEv2_step8:

.. tab-set::

    .. tab-item:: IKEv2 Basic Features

        .. csv-table::
            :file: ./IKEv2/IKEv2_Basic_Features.csv
            :widths: 10,10,30
            :header-rows: 1

.. _IKEv2_step9:

.. tab-set::

    .. tab-item:: IKEv2 Feature : Secure Key Exchange

        **Secure Key Exchange - Testcases**

        .. csv-table::
            :file: ./IKEv2/IKEv2_Feature1_Secure_Key_Exchange_TestCases.csv
            :widths: 10,10,30,20
            :header-rows: 1

.. _IKEv2_step10:

.. tab-set::

    .. tab-item:: IKEv2 Feature : Authentication

        **Authentication - Testcases**

        .. csv-table::
            :file: ./IKEv2/IKEv2_Feature2_Authentication_TestCases.csv
            :widths: 10,10,30,20
            :header-rows: 1

.. _IKEv2_step11:

.. tab-set::

    .. tab-item:: IKEv2 Feature : Security Associations (SAs)

        **Security Associations (SAs) - Testcases**

        .. csv-table::
            :file: ./IKEv2/IKEv2_Feature3_Security_Associations(SAs)_TestCases.csv
            :widths: 10,10,30,20
            :header-rows: 1

.. _IKEv2_step12:

.. tab-set::

    .. tab-item:: IKEv2 Feature : Mobility and Multihoming (MOBIKE)

        **Mobility and Multihoming (MOBIKE) - Testcases**

        .. csv-table::
            :file: ./IKEv2/IKEv2_Feature4_Mobility_and_Multihoming(MOBIKE)_TestCases.csv
            :widths: 10,10,30,20
            :header-rows: 1

.. _IKEv2_step13:

.. tab-set::

    .. tab-item:: IKEv2 Feature : Session Resumption

        **Session Resumption - Testcases**

        .. csv-table::
            :file: ./IKEv2/IKEv2_Feature5_Session_Resumption_Test Cases.csv
            :widths: 10,10,30,20
            :header-rows: 1

.. _IKEv2_step14:

.. tab-set::

    .. tab-item:: IKEv2 Feature : Message Fragmentation

        **Message Fragmentation - Testcases**

        .. csv-table::
            :file: ./IKEv2/IKEv2_Feature6_Message_Fragmentation_TestCases.csv
            :widths: 10,10,30,20
            :header-rows: 1

.. _IKEv2_step15:

.. tab-set::

    .. tab-item:: IKEv2 Feature : Traffic Selectors

        **Traffic Selectors - Testcases**

        .. csv-table::
            :file: ./IKEv2/IKEv2_Feature7_Traffic_Selectors_TestCases.csv
            :widths: 10,10,30,20
            :header-rows: 1

.. _IKEv2_step16:

.. tab-set::

    .. tab-item:: IKEv2 Feature : Encryption Agility

        **Encryption Agility - Testcases**

        .. csv-table::
            :file: ./IKEv2/IKEv2_Feature8_Encryption_Agility_TestCases.csv
            :widths: 10,10,30,20
            :header-rows: 1

.. _IKEv2_step17:

.. tab-set::

    .. tab-item:: IKEv2 Feature : Post-Quantum Readiness

        **Post-Quantum Readiness - Testcases**

        .. csv-table::
            :file: ./IKEv2/IKEv2_Feature9_Post_Quantum_Readiness_TestCases.csv
            :widths: 10,10,30,20
            :header-rows: 1

.. _IKEv2_step18:

.. tab-set::

    .. tab-item:: IKEv2 Feature : Extensibility via Payloads

        **Extensibility via Payloads - Testcases**

        .. csv-table::
            :file: ./IKEv2/IKEv2_Feature10_Extensibility_via_Payloads_TestCases.csv
            :widths: 10,10,30,20
            :header-rows: 1

.. _IKEv2_step19:

.. tab-set::

    .. tab-item:: Reference links

        * Reference links