IKEv2, defined in RFC 4306, Internet Key Exchange (IKEv2) Protocol, is the second version of the Internet Key Exchange Protocol. The main driver of IKEv2 is to simplify and optimize IKEv1. An IKE_SA and a CHILD_SA can be created with only four IKEv2 message exchanges. IKEv2 is supported with the following features:
static LAN-to-LAN tunnel
dynamic LAN-to-LAN tunnel
remote-access tunnel
pre-shared-key authentication, certificate authentication, EAP (remote-access tunnel only)
liveness check
IKE_SA rekey
CHILD_SA rekey (full Traffic-Selector support including protocol and port range)
extended ESP sequence number