Internet Key Exchange Protocol
RFC 4306, “Internet Key Exchange Protocol”, is a Proposed Standard document published in December 2005 by C. Kaufman. It obsoletes RFC 2407, RFC 2408 and RFC 2409. It has since been updated by RFC 5282 and obsoleted by RFC 5996; refer to the newer document for the authoritative version. The canonical text is published by the RFC Editor.
Abstract
This document describes version 2 of the Internet Key Exchange (IKE) protocol. IKE is a component of IPsec used for performing mutual authentication and establishing and maintaining security associations (SAs).
This version of the IKE specification combines the contents of what were previously separate documents, including Internet Security Association and Key Management Protocol (ISAKMP, RFC 2408), IKE (RFC 2409), the Internet Domain of Interpretation (DOI, RFC 2407), Network Address Translation (NAT) Traversal, Legacy authentication, and remote address acquisition.
Version 2 of IKE does not interoperate with version 1, but it has enough of the header format in common that both versions can unambiguously run over the same UDP port. [STANDARDS-TRACK]
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 4306 is hosted at rfc-editor.org. Available in TXT, HTML.
- RFC 4305 Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload and Authentication Header
- RFC 4307 Cryptographic Algorithms for Use in the Internet Key Exchange Version 2
- RFC 4304 Extended Sequence Number Addendum to IPsec Domain of Interpretation for Internet Security Association and Key Management Protocol
- RFC 4308 Cryptographic Suites for IPsec
- RFC 4303 IP Encapsulating Security Payload
- RFC 4309 Using Advanced Encryption Standard CCM Mode with IPsec Encapsulating Security Payload
- RFC 4302 IP Authentication Header
- RFC 4310 Domain Name System Security Extensions Mapping for the Extensible Provisioning Protocol