After the tunnel is secured and authenticated in Phase 1, IKE Phase
2 negotiates the channel that actually carries data between
the networks. IKE Phase 2 uses the keys that were established in
Phase 1 together with the IPSec Crypto profile, which defines
the IPSec protocol and the algorithms used for the SA negotiated in IKE Phase 2.
IPSec uses the following protocols to enable secure communication:
Encapsulating Security Payload (ESP)—Encrypts the payload (in tunnel
mode, the entire original IP packet), authenticates the source, and verifies
the integrity of the data. ESP normally both encrypts and authenticates, but
you can choose authentication only by setting the encryption option to null,
or encryption only by selecting no authentication algorithm. Encryption without
authentication is discouraged: ciphertext can be tampered with undetected. The
CCM and GCM modes listed below are authenticated encryption modes and provide
integrity on their own.
Authentication Header (AH)—Authenticates the source of the
packet and verifies data integrity, including the immutable fields of the
IP header. AH does not encrypt the data payload, so it is unsuited for
deployments where data privacy matters; it is used when the only concern
is verifying the legitimacy of the peer. Because AH covers the outer IP
header, it does not survive NAT between the peers.
Algorithms Supported for IPSec Authentication and Encryption (ESP and AH)
Diffie Hellman (DH) exchange options supported
Group 1—768 bits
Group 2—1024 bits (the default)
Group 5—1536 bits
Group 14—2048 bits
Group 19—256-bit elliptic curve group
Group 20—384-bit elliptic curve group
Groups 1, 2 and 5 (768 to 1536-bit MODP) are below current recommendations, and the
1024-bit default offers only about 80 bits of security regardless of the cipher chosen.
Prefer group 14 or the elliptic curve groups 19 and 20, and configure the same group
on both peers.
no-pfs—By default, perfect forward secrecy (PFS) is enabled,
which means a new DH key is generated in IKE Phase 2 using one of
the groups listed above. This key is independent of the keys exchanged
in IKE Phase 1, so compromise of the Phase 1 secret does not expose the
data keys of the Phase 2 SAs. If you select no-pfs, no new DH exchange
takes place in Phase 2: the keying material from Phase 1 is reused for the
IPSec SA negotiations. PFS must be either enabled or disabled on both VPN peers.
Encryption algorithms supported (the CBC options require a separate authentication algorithm; CCM and GCM authenticate the packet themselves)
3des
Triple Data Encryption Standard (3DES) with
a security strength of 112 bits
aes-128-cbc
Advanced Encryption Standard (AES) using
cipher block chaining (CBC) with a security strength of 128 bits
aes-192-cbc
AES using CBC with a security strength of
192 bits
aes-256-cbc
AES using CBC with a security strength of
256 bits
aes-128-ccm
AES using Counter with CBC-MAC (CCM) with
a security strength of 128 bits
aes-128-gcm
AES using Galois/Counter Mode (GCM) with
a security strength of 128 bits
aes-256-gcm
AES using GCM with a security strength of
256 bits
des
Data Encryption Standard (DES) with a security
strength of 56 bits
DES and 3DES are deprecated: both use a 64-bit block and DES has only a 56-bit key.
Offer an AES option instead, preferably AES-GCM; a peer may negotiate the weakest
algorithm in the list, so removing the weak entries matters more than adding strong ones.
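The checks a practitioner would run against an IPSec Crypto profile built from the options above, as an added example for this page (not Palo Alto Networks code and not its API): it flags DES/3DES, null or unauthenticated encryption, no-pfs and weak DH groups, and reports the confidentiality strength of the weakest SA the profile allows, since the DH group caps the key strength whatever cipher is offered. The dict representation, the sample profiles and the per-group strength figures (NIST SP 800-57 estimates, not given on the page) are assumptions of the example.

```python
"""Lint an IPSec Crypto profile against the guidance on this page.

Added example for this page, not Palo Alto Networks code and not its
API. A profile is modelled as a plain dict (an assumption for
illustration): "protocol" is "esp" or "ah", "encryption" and
"authentication" are the lists of algorithms offered ("none" means no
integrity algorithm), and "dh_group" is a group name or "no-pfs".
"""
from typing import Dict, List

# Security strength in bits of each encryption option, as listed on the page.
CIPHER_STRENGTH: Dict[str, int] = {
    "des": 56, "3des": 112,
    "aes-128-cbc": 128, "aes-192-cbc": 192, "aes-256-cbc": 256,
    "aes-128-ccm": 128, "aes-128-gcm": 128, "aes-256-gcm": 256,
    "null": 0,
}
# CCM and GCM authenticate the packet themselves; CBC and null do not.
AEAD_CIPHERS = {"aes-128-ccm", "aes-128-gcm", "aes-256-gcm"}
# 64-bit block ciphers, disallowed by NIST SP 800-131A.
DEPRECATED_CIPHERS = {"des", "3des"}
# Approximate strength of each DH group in bits (NIST SP 800-57 figures for
# the MODP sizes, half the curve size for the ECP groups). These numbers
# are an assumption of this example; the page gives only the group sizes.
DH_STRENGTH: Dict[str, int] = {
    "group1": 66, "group2": 80, "group5": 90,
    "group14": 112, "group19": 128, "group20": 192,
}
TARGET_BITS = 112  # usual modern floor (NIST SP 800-131A)


def evaluate_profile(profile: dict) -> dict:
    """Return the confidentiality strength of the weakest SA the profile
    allows, a list of findings, and whether the profile is clean."""
    findings: List[str] = []
    protocol = profile.get("protocol", "esp")
    ciphers = list(profile.get("encryption", []))
    auths = list(profile.get("authentication", []))
    dh = profile.get("dh_group", "group2")  # the page's default

    if protocol == "ah":
        findings.append("AH: integrity only, payload is sent in clear")
        cipher_floor = 0
    else:
        unknown = [c for c in ciphers if c not in CIPHER_STRENGTH]
        if unknown or not ciphers:
            raise ValueError(f"bad ESP encryption list: {ciphers!r}")
        # The peer may choose any cipher offered, so the weakest one counts.
        cipher_floor = min(CIPHER_STRENGTH[c] for c in ciphers)
        for c in ciphers:
            if c in DEPRECATED_CIPHERS:
                findings.append(f"{c}: deprecated 64-bit block cipher "
                                f"({CIPHER_STRENGTH[c]}-bit strength)")
            elif c == "null":
                findings.append("null encryption offered: those SAs carry plaintext")
        if "none" in auths:
            unauth = [c for c in ciphers if c not in AEAD_CIPHERS]
            if unauth:
                findings.append("encryption without authentication offered: "
                                + ", ".join(unauth))

    if dh == "no-pfs":
        findings.append("PFS disabled: Phase 2 keys derive from the Phase 1 "
                        "DH secret, so one compromise exposes every SA")
        dh_floor = None
    elif dh in DH_STRENGTH:
        dh_floor = DH_STRENGTH[dh]
        if dh_floor < TARGET_BITS:
            findings.append(f"{dh}: about {dh_floor}-bit strength, below "
                            f"{TARGET_BITS}; it caps the {cipher_floor}-bit "
                            "cipher floor")
    else:
        raise ValueError(f"unknown DH group {dh!r}")

    # The session key is no stronger than the exchange that produced it.
    bits = cipher_floor if dh_floor is None else min(cipher_floor, dh_floor)
    return {"confidentiality_bits": bits, "findings": findings,
            "ok": not findings}


# Constructed sample profiles: the page's defaults beside a hardened one.
WEAK_PROFILE = {"protocol": "esp", "encryption": ["3des", "aes-128-cbc"],
                "authentication": ["sha1"], "dh_group": "group2"}
HARDENED_PROFILE = {"protocol": "esp", "encryption": ["aes-256-gcm"],
                    "authentication": ["none"], "dh_group": "group20"}

if __name__ == "__main__":
    for name, prof in (("weak", WEAK_PROFILE), ("hardened", HARDENED_PROFILE)):
        result = evaluate_profile(prof)
        print(name, result["confidentiality_bits"], "bits",
              "OK" if result["ok"] else "")
        for finding in result["findings"]:
            print("  -", finding)
```

Running the block reports the default-style profile at 80 bits because group 2 caps the 112-bit floor set by 3DES, while the hardened profile comes out at 192 bits with no findings; note that "none" as the authentication setting is not flagged for AES-GCM, since the mode authenticates on its own.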