Internet Key Exchange (IKE) is described in RFC 2409. IKE is used as part of IPSec, which involves a number of protocols to negotiate and establish a secure connection. IKE itself is based in part on ISAKMP, which uses UDP port 500. If your IPSec implementation is using a public key infrastructure as part of its authentication, you may also see TCP port 389 (LDAP) in use. Depending on the type of security negotiated, IPSec itself will use either Encapsulating Security Payload (ESP), which is TCP port 50, or Authentication Header (AH), which is TCP port 51.
Dig Deeper on Network Security Monitoring and Analysis
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.