IKE Phase 2
Where Can I Use This?
  • PAN-OS
What Do I Need?
  • No license required
After the tunnel is secured and authenticated, in Phase 2 the channel is further secured for the transfer of data between the networks. IKE Phase 2 uses the keys that were established in Phase 1 of the process and the IPSec Crypto profile, which defines the IPSec protocols and keys used for the SA in IKE Phase 2.
IPSec uses the following protocols to enable secure communication:
  • Encapsulating Security Payload (ESP)—Allows you to encrypt the entire IP packet, and authenticate the source and verify the integrity of the data. While ESP requires that you encrypt and authenticate the packet, you can choose to only encrypt or only authenticate by setting the encryption option to Null; using encryption without authentication is discouraged.
  • Authentication Header (AH)—Authenticates the source of the packet and verifies data integrity. AH doesn’t encrypt the data payload and is unsuited for deployments where data privacy is important. AH is commonly used when the main concern is to verify the legitimacy of the peer, and data privacy isn’t required.
Algorithms Supported for IPSec Authentication and Encryption

The IPSec Crypto profile options below apply to ESP and AH as noted: because AH does not encrypt the payload, the encryption algorithms apply to ESP only, while the authentication algorithms are available for both ESP and AH.

Diffie-Hellman (DH) exchange options supported
  • Group 1—768 bits
  • Group 2—1024 bits (default)
  • Group 5—1536 bits
  • Group 14—2048 bits
  • (PAN-OS 10.2.0 and later releases) Group 15—3072-bit modular exponential group
  • (PAN-OS 10.2.0 and later releases) Group 16—4096-bit modular exponential group
  • Group 19—256-bit elliptic curve group
  • Group 20—384-bit elliptic curve group
  • (PAN-OS 10.2.0 and later releases) Group 21—512-bit random elliptic curve group
  • no-pfs—By default, perfect forward secrecy (PFS) is enabled, which means a new DH key is generated in IKE Phase 2 using one of the groups listed above. This key is independent of the keys exchanged in IKE Phase 1 and provides better data transfer security. If you select no-pfs, the DH key created in Phase 1 is not renewed and a single key is used for the IPSec SA negotiations. PFS must be either enabled on both VPN peers or disabled on both.
Encryption algorithms supported (ESP only)
  • des
(PAN-OS 10.1.0 and earlier releases) Data Encryption Standard (DES) with a security strength of 56 bits.
  • 3des
Triple Data Encryption Standard (3DES) with a security strength of 112 bits.
  • aes-128-cbc
Advanced Encryption Standard (AES) using cipher block chaining (CBC) with a security strength of 128 bits.
  • aes-192-cbc
AES using CBC with a security strength of 192 bits.
  • aes-256-cbc
AES using CBC with a security strength of 256 bits.
  • aes-128-ccm
AES using Counter with CBC-MAC (CCM) with a security strength of 128 bits.
  • aes-128-gcm
AES using Galois/Counter Mode (GCM) with a security strength of 128 bits.
  • aes-256-gcm
AES using GCM with a security strength of 256 bits.
Authentication algorithms supported (ESP and AH)
  • md5
  • sha1
  • sha256
  • sha384
  • sha512

Methods of Securing IPSec VPN Tunnels (IKE Phase 2)

IPSec VPN tunnels can be secured using manual keys or auto keys. In addition, IPSec configuration options include a Diffie-Hellman Group for key agreement, an encryption algorithm, and a hash for message authentication.
  • Manual Key—Manual key is typically used if the Palo Alto Networks firewall is establishing a VPN tunnel with a legacy device, or if you want to reduce the overhead of generating session keys. If using manual keys, the same key must be configured on both peers.
    Manual keys aren’t recommended for establishing a VPN tunnel because the session keys can be compromised when relaying the key information between the peers; if the keys are compromised, the data transfer is no longer secure.
  • Auto Key—Auto Key allows you to generate keys automatically for setting up and maintaining the IPSec tunnel based on the algorithms defined in the IPSec Crypto profile.
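The following is an added example, not PAN-OS code or a Palo Alto Networks tool: a small Python linter that takes an IPSec Crypto profile expressed as a dict (keys protocol, encryption, authentication, dh_group, key_mode and panos_version are this example's own naming) and reports the conditions this page describes, covering both the algorithm table and the manual key versus auto key section: AH where privacy is needed, ESP with null encryption or encryption without authentication, des on a release after 10.1.0, DH groups that need PAN-OS 10.2.0 or later, no-pfs, and manual keys. It also computes an effective strength for the SA as the cipher strength capped by the DH group; the cipher strengths and group sizes are from the table above, but the per-group strength figures are approximate comparable-strength estimates (an assumption based on NIST SP 800-57, not values the page states) and serve only to show when the DH group, rather than the cipher, bounds the SA.

```python
"""Lint an IPSec Crypto profile (IKE Phase 2) against the guidance above.

Added example, not PAN-OS code. Profiles are plain dicts whose keys mirror
the options on this page. DH group "strength" values are approximate
comparable-strength estimates (assumption based on NIST SP 800-57), not
figures the page states; sizes and cipher strengths come from the table.
"""

# Security strength of each encryption option, in bits, as listed above.
CIPHER_STRENGTH_BITS = {
    "null": 0, "des": 56, "3des": 112,
    "aes-128-cbc": 128, "aes-192-cbc": 192, "aes-256-cbc": 256,
    "aes-128-ccm": 128, "aes-128-gcm": 128, "aes-256-gcm": 256,
}
# CCM and GCM authenticate the payload themselves, so "no separate
# authentication algorithm" is not a weakness for these modes.
AEAD_CIPHERS = {"aes-128-ccm", "aes-128-gcm", "aes-256-gcm"}

# dh_group -> (size in bits from the table, approximate strength in bits,
# minimum PAN-OS release as (major, minor), or None if the page gives none).
DH_GROUPS = {
    "group1": (768, 64, None),        # rough estimate; well below 80 bits
    "group2": (1024, 80, None),
    "group5": (1536, 90, None),       # interpolated between 1024 and 2048
    "group14": (2048, 112, None),
    "group15": (3072, 128, (10, 2)),
    "group16": (4096, 150, (10, 2)),  # interpolated between 3072 and 7680
    "group19": (256, 128, None),
    "group20": (384, 192, None),
    "group21": (512, 256, (10, 2)),
}


def parse_version(text):
    """'10.2.0' -> (10, 2); only major and minor matter for these checks."""
    major, minor = (int(part) for part in text.split(".")[:2])
    return (major, minor)


def effective_strength(profile):
    """SA strength in bits: the cipher, capped by the Phase 2 DH group.

    With no-pfs there is no Phase 2 DH exchange, so the bound is whatever
    Phase 1 negotiated; the cipher strength alone is returned in that case.
    """
    cipher = CIPHER_STRENGTH_BITS[profile.get("encryption", "null")]
    group = DH_GROUPS.get(profile["dh_group"])
    return cipher if group is None else min(cipher, group[1])


def lint_profile(profile, requires_privacy=True):
    """Return a list of findings; an empty list means nothing to flag."""
    findings = []
    version = parse_version(profile.get("panos_version", "10.2.0"))
    enc = profile.get("encryption", "null")
    auth = profile.get("authentication", "none")
    dh = profile["dh_group"]

    if profile["protocol"] == "ah":
        if requires_privacy:
            findings.append("AH authenticates the peer but does not encrypt the "
                            "payload; use ESP where data privacy is required")
    else:  # esp
        if enc == "null":
            findings.append("ESP with null encryption only authenticates the "
                            "payload; confirm that is intended")
        elif auth == "none" and enc not in AEAD_CIPHERS:
            findings.append("encryption without authentication is discouraged; "
                            "select an authentication algorithm")

    if enc == "des" and version >= (10, 2):
        findings.append("des is only available on PAN-OS 10.1.0 and earlier")

    if dh == "no-pfs":
        findings.append("PFS disabled: the Phase 1 DH key is reused for the "
                        "IPSec SA; enable PFS on both peers")
    elif dh in DH_GROUPS:
        size, strength, min_version = DH_GROUPS[dh]
        if min_version and version < min_version:
            findings.append(f"{dh} requires PAN-OS {min_version[0]}."
                            f"{min_version[1]}.0 or later")
        if strength < CIPHER_STRENGTH_BITS[enc]:
            findings.append(f"{dh} ({size}-bit) caps the SA at roughly "
                            f"{strength} bits, below the {enc} strength of "
                            f"{CIPHER_STRENGTH_BITS[enc]} bits")
    else:
        findings.append(f"unknown DH group {dh!r}")

    if profile.get("key_mode") == "manual":
        findings.append("manual keys are not recommended: the same key is "
                        "configured on both peers and can be compromised "
                        "while being relayed between them")
    return findings


# Constructed sample profiles for illustration (not from any real deployment).
WEAK_DH = {"protocol": "esp", "encryption": "aes-256-gcm", "authentication": "none",
           "dh_group": "group2", "key_mode": "auto", "panos_version": "11.0.0"}
STRONG = dict(WEAK_DH, dh_group="group21")
LEGACY = {"protocol": "esp", "encryption": "des", "authentication": "md5",
          "dh_group": "no-pfs", "key_mode": "manual", "panos_version": "10.2.0"}
AH_ONLY = {"protocol": "ah", "authentication": "sha256", "dh_group": "group14",
           "key_mode": "auto", "panos_version": "10.1.0"}

if __name__ == "__main__":
    for name, prof in [("WEAK_DH", WEAK_DH), ("STRONG", STRONG),
                       ("LEGACY", LEGACY), ("AH_ONLY", AH_ONLY)]:
        print(f"{name}: effective strength {effective_strength(prof)} bits")
        for finding in lint_profile(prof):
            print("  -", finding)
```

The WEAK_DH sample is the case worth noticing: aes-256-gcm on its own is 256-bit, but negotiating it over the default Group 2 (1024 bits) leaves the SA bounded by the DH exchange, so the linter reports an effective strength of about 80 bits and the same profile with Group 21 reports 256. Both peers must agree on the group and on PFS, so the checks apply to the profile on each side of the tunnel.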