This section covers the implementation of IKEv2. For IKEv1 information, see IKEv1 Protocol. For a comparison, see Comparison of IKEv2 and IKEv1. For information that applies to both protocols, see Introduction to IKE. Oracle Solaris supports both versions of the IKE protocol simultaneously.
The IKEv2 daemon, in.ikev2d, negotiates and authenticates keying material for IPsec SAs. See the in.ikev2d(8) man page.
The /etc/inet/ike/ikev2.config configuration file contains the configuration for the in.ikev2d daemon. The configuration consists of a number of rules. Each entry contains parameters such as algorithms and authentication data that this system can use with a similarly configured IKEv2 peer.
The in.ikev2d daemon supports preshared keys (PSK) and public key certificates for identity.
The ikev2.config(5) man page provides sample rules. Each rule must have a unique label. The following is a list of the descriptive labels of sample rules from the man page:
IP identities and PSK auth
IP address prefixes and PSK auth
IPv6 address prefixes and PSK auth
Certificate auth with DN identities
Certificate auth with many peer ID types
Certificate auth with wildcard peer IDs
Override transforms
Mixed auth types
Wildcard with required signer
The kmf-policy.xml file contains the certificate validation policy for IKEv2. The kmfcfg dbfile=/etc/inet/ike/kmf-policy.xml policy=default command is used to modify certificate validation policy. Typical modifications include the use of OCSP and CRLs, and the duration of network timeouts during certificate verification. Additionally, the policy enables an administrator to modify various aspects of certificate validation, such as validity date enforcement and key usage requirements. Loosening the default requirements for certificate validation is not recommended.
When IP packets carrying IKE messages are large, the packets can become fragmented at the IP layer. Some intermediate devices, such as NAT boxes and firewalls, drop IP fragments, which results in the loss of IKE messages and timeouts. In IKEv2, you can limit the IP packets to a length below the IP fragmentation threshold. The default IKEv2 fragmentation threshold is 1350 bytes. For more information, see IKEv2 Service and Example 44, Preventing the Loss of IKEv2 Messages From Intermediate Devices.
On a FIPS 140-2 enabled system, you are responsible for choosing only FIPS 140-2 approved algorithms when creating certificates and configuring IKEv2. The procedures and examples in this guide use FIPS 140-2 approved algorithms except when the algorithm "any" is specified.
The following encryption algorithm mechanisms are available to use in the IKEv2 configuration and preshared keys files and approved for use in Oracle Solaris in FIPS 140-2 mode:
AES in CBC mode in 128-bit to 256-bit key lengths
3DES
The following authentication algorithm mechanisms are available to use in IKEv2 configuration and preshared keys files and approved for use in Oracle Solaris in FIPS 140-2 mode:
SHA1
SHA256
SHA384
SHA512
The following mechanisms are available to use in IKEv2 certificates and approved for use in Oracle Solaris in FIPS 140-2 mode:
RSA in 2048-bit to 3072-bit key lengths
ECDSA that uses ECC with three possible curves and their associated hashes –
The arguments to the ikev2cert gencert and ikev2cert gencsr commands are the following:
keytype=ec curve=secp256r1 hash=sha256
keytype=ec curve= secp384r1 hash=sha384
keytype=ec curve=secp521r1 hash=sha512
For more information, see the ikev2cert(8) man page.
For the definitive list of FIPS 140-2 approved algorithms for Oracle Solaris, follow the links in FIPS 140-2 Level 1 Guidance Documents for Oracle Solaris Systems in Using a FIPS 140-2 Enabled System in Oracle Solaris 11.4.