
Clarifications and Implementation Guidelines for using TCP Encapsulation in IKEv2

Document type: Expired Internet-Draft (individual); Expired & archived
Author: Valery Smyslov
Last updated: 2020-06-19 (Latest revision 2019-12-17)
Replaces: draft-smyslov-ipsec-tcp-guidelines
RFC stream: (None)
Intended RFC status: (None)
Stream state: (No stream defined)
Consensus boilerplate: Unknown
RFC Editor Note: (None)
IESG state: Expired
Telechat date: (None)
Responsible AD: (None)
Send notices to: (None)

This Internet-Draft is no longer active.


The Internet Key Exchange Protocol version 2 (IKEv2) defined in [RFC7296] uses UDP transport for its messages. [RFC8229] specifies a way to encapsulate IKEv2 and ESP (Encapsulating Security Payload) messages in TCP, thus making it possible to use them in network environments that block UDP traffic. However, some nuances of using TCP in IKEv2 are not covered by that specification. This document provides clarifications and implementation guidelines for [RFC8229].


Valery Smyslov

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)