IKE Authentication Mechanisms

Three main methods can be used to authenticate peers that want to establish an IPsec tunnel between themselves. Note that this is called device authentication rather than user authentication. The difference is that in device authentication, the devices that actually carry out the IPsec communication on behalf of a user authenticate each other. User authentication (also called extended authentication in IPsec) is done in addition to device authentication and applies to the specific users who make use of the IPsec services offered by the IPsec-enabled devices. We will talk about extended authentication in a later section of this chapter.

The three main mechanisms of device authentication are

  • Preshared ...
