In this section, we will go over what IKE is and what the differences are between IKEv1 and IKEv2.
IKE is a protocol that belongs to the IPsec protocol suite and is responsible for setting up a security association (an agreement between both parties) that enables two IPsec-enabled endpoints to send data securely. The main differences between IKEv1 and IKEv2 are as follows:
- IKEv2 is faster and lighter on bandwidth, as fewer messages are needed to establish a tunnel. With IKEv1, we had main mode (nine messages) and aggressive mode (six messages). In contrast, IKEv2 has only one mode, which needs only four messages.
- IKEv2 provides inbuilt NAT Traversal, whereas IKEv1 does not provide this facility by default. The IPsec protocol was not designed with Network Address and Port Translation (NAPT) in mind. The initial payload and, in particular, the headers are encrypted...
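
To see which IKE version and mode a peer is actually negotiating, and whether the exchange has moved to NAT Traversal, the following added example (not code from the original text) classifies a captured UDP payload from its fixed IKE header. The header layout and exchange-type numbers follow RFC 2408/2409 and RFC 7296, and the non-ESP marker and keepalive byte follow RFC 3948; `classify_ike` and `sample_message` are hypothetical names, and the sample messages are constructed.

```python
import struct

# Fixed IKE/ISAKMP header (28 bytes): initiator SPI, responder SPI,
# next payload, version, exchange type, flags, message ID, total length.
IKE_HDR = struct.Struct("!8s8sBBBBII")
NON_ESP_MARKER = b"\x00" * 4  # precedes IKE messages on UDP 4500 (NAT-T)

# (major version, exchange type) -> human-readable exchange name
EXCHANGES = {
    (1, 2): "IKEv1 main mode",
    (1, 4): "IKEv1 aggressive mode",
    (1, 5): "IKEv1 informational",
    (1, 32): "IKEv1 quick mode",
    (2, 34): "IKEv2 IKE_SA_INIT",
    (2, 35): "IKEv2 IKE_AUTH",
    (2, 36): "IKEv2 CREATE_CHILD_SA",
    (2, 37): "IKEv2 INFORMATIONAL",
}


def classify_ike(udp_payload: bytes, udp_port: int) -> dict:
    """Classify one UDP payload seen on the IKE port (500) or NAT-T port (4500)."""
    nat_t = udp_port == 4500
    data = udp_payload
    if nat_t:
        if data == b"\xff":
            return {"kind": "NAT-T keepalive", "nat_t": True}
        if data[:4] != NON_ESP_MARKER:
            # A non-zero first word is an ESP SPI, not an IKE message.
            return {"kind": "UDP-encapsulated ESP", "nat_t": True}
        data = data[4:]
    if len(data) < IKE_HDR.size:
        raise ValueError("truncated IKE header")
    _, rspi, _, version, xchg, _, msg_id, length = IKE_HDR.unpack_from(data)
    if length < IKE_HDR.size or length > len(data):
        raise ValueError("IKE length field disagrees with datagram size")
    major, minor = version >> 4, version & 0x0F
    kind = EXCHANGES.get((major, xchg), f"unknown (v{major}, type {xchg})")
    # The first message of a negotiation has a zero responder SPI and message ID 0.
    return {"kind": kind, "version": f"{major}.{minor}", "nat_t": nat_t,
            "first_message": rspi == bytes(8) and msg_id == 0}


def sample_message(version: int, xchg: int, rspi: bytes = bytes(8), msg_id: int = 0) -> bytes:
    """Constructed header-only IKE message (no payloads) for demonstration."""
    return IKE_HDR.pack(b"\x11" * 8, rspi, 0, version, xchg, 0, msg_id, IKE_HDR.size)
```

Run over the first packets of a capture, this shows whether a gateway still accepts IKEv1 aggressive mode or has moved to IKEv2, and at which point the peers switch to UDP 4500.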