Search RFCs
RFC 8229
TCP Encapsulation of IKE and IPsec Packets,August 2017
- File formats:
- Status:
- PROPOSED STANDARD
- Obsoleted by:
- RFC 9329
- Authors:
- T. Pauly
S. Touati
R. Mantha - Stream:
- IETF
- Source:
- ipsecme (sec)
Cite this RFC:TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC8229
Discuss this RFC: Send questions or comments to the mailing listipsec@ietf.org
Other actions:View Errata | Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 8229
Abstract
This document describes a method to transport Internet Key ExchangeProtocol (IKE) and IPsec packets over a TCP connection for traversingnetwork middleboxes that may block IKE negotiation over UDP. Thismethod, referred to as "TCP encapsulation", involves sending both IKEpackets for Security Association establishment and EncapsulatingSecurity Payload (ESP) packets over a TCP connection. This method isintended to be used as a fallback option when IKE cannot benegotiated over UDP.
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.