Query vpn-p1 exch

secureIT
Level 4

Hi,

In site-to-site VPN phase-1, we use SA proposals and they include encryption, authentication, hashing, DH, lifetimes etc. Can anyone tell me which parameter would be exchanged first?

rgds

sec-IT Team

10 Replies

All parameters of a P1-Proposal are exchanged together, so there really is no "first".

You can see it at a packet-capture of an exchange: http://www.cloudshark.org/captures/d863cff39171

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Thanks for the reply.

I would assume phase-1 is as below... please correct me if I'm wrong.

1. All the parameters are exchanged between both the peers

2. Authentication (pkey) is matched by both peers; these keys are exchanged in an encrypted format, using the phase-1 encryption key and hash algo.

3. A session would be created and secured using a session key from the DH algo.

This is correct, right?

Not completely correct. In the first two packets the peers negotiate the P1-policies. After that they do their DH-exchange and come to a shared secret. The PSK is never sent over the wire for that, not even in an encrypted way. But they still don't know if there is a MitM or not. So as the last step of the P1-exchange the mutual authentication is done, which is quite similar to a PPP-CHAP-authentication if you use PSKs. After that the Quick-Mode starts to create the IPSec-SAs.

Hi Karsten,

There should be a way where both parties confirm that the authentication PSKEY "xxxx" is the same on both sides... I would like to know, if the key is not shared, how this is working and what the need of the key is... Is the DH session key sufficient?

Thanks John, I shall read it and update you.

As I wrote: the authentication is similar to what is done with PPP-CHAP (PSK=password). There the actual password is also never sent over the wire. The DH-session-key is not sufficient as DH is vulnerable to MitM-attacks.

Hi Karsten,

I have gone through the PPP-CHAP auth article. Thanks.

In site-to-site VPN, as you said, the shared secret key is not sent over the wire. Will this use the hash value output of the "shared secret key" command, or something which the other peer can validate with its database? I'm still stuck.

I'm sure you will give some more hints...

Hi Karsten,

http://datatracker.ietf.org/doc/rfc6617/?include_text=1

As per this URL, some function value will be passed to the remote peer to get authenticated. Can you please check this?

I completely forgot about this thread ...

The referenced RFC6617 is so new that it's probably not implemented anywhere in the wild. When talking about IKEv1, the best source is still RFC2409: http://www.ietf.org/rfc/rfc2409.txt

In section 5.4, page 15, the PSK-based exchange is shown. In messages three and four the key exchange is done, where the DH public keys are exchanged. After that exchange both peers have the shared secret, so they start protecting the rest of the communication. Because DH is not MitM-safe, in packets 5 and 6 the authentication is done. For that the hashes are exchanged. These hashes use the PSK as input, but the PSK is not transferred over the wire. So an attacker that can only listen to the conversation is not able to do any harm.

Or... is it that the shared key plays a role in generating the session keys along with the DH groups? As both sides have the same shared secret key, producing an output with DH in any multiplication/division with the same variables will equalize the authentication hash values... something like that. Once I'm clear on this point, I will be through with L2L VPN... please help.
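The two points raised above (Karsten's description of messages 3-6 in RFC 2409 section 5.4, and the question of whether the PSK feeds the session keys) can be traced with a small simulation. The following is an added example, not code from this thread or from any Cisco product: it follows the SKEYID, SKEYID_d/a/e and HASH_I/HASH_R formulas of RFC 2409 section 5, but uses a toy DH group and HMAC-SHA256 as the prf (both assumptions, chosen so it runs offline; real peers use a negotiated MODP group and the negotiated hash). The PSK is used only as the HMAC key that produces SKEYID; it never appears in the bytes that cross the wire, and a peer holding a different PSK completes DH but fails the hash check.

```python
"""Toy walk-through of IKEv1 Main Mode with pre-shared-key authentication.
Constructed illustration of RFC 2409 section 5 / 5.4; not a real IKE stack."""
import hashlib
import hmac
import os

# Toy DH group so the arithmetic is cheap. NOT a real IKE group (those are the
# MODP groups of RFC 2409 / RFC 3526); assumption for illustration only.
P = (1 << 127) - 1      # Mersenne prime 2^127 - 1
G = 2
NBYTES = (P.bit_length() + 7) // 8


def prf(key: bytes, data: bytes) -> bytes:
    # RFC 2409 prf = HMAC over the negotiated hash; SHA-256 is an assumption here.
    return hmac.new(key, data, hashlib.sha256).digest()


def i2b(n: int) -> bytes:
    return n.to_bytes(NBYTES, "big")


def skeyid_psk(psk: bytes, ni: bytes, nr: bytes) -> bytes:
    # SKEYID = prf(pre-shared-key, Ni_b | Nr_b): the only place the PSK is used.
    return prf(psk, ni + nr)


def derive_keys(skeyid: bytes, gxy: bytes, cky_i: bytes, cky_r: bytes):
    # SKEYID_d, SKEYID_a, SKEYID_e (RFC 2409 section 5); gxy is the DH shared secret.
    d = prf(skeyid, gxy + cky_i + cky_r + b"\x00")
    a = prf(skeyid, d + gxy + cky_i + cky_r + b"\x01")
    e = prf(skeyid, a + gxy + cky_i + cky_r + b"\x02")
    return d, a, e


def hash_i(skeyid, gxi, gxr, cky_i, cky_r, sai_b, idii_b):
    # HASH_I = prf(SKEYID, g^xi | g^xr | CKY-I | CKY-R | SAi_b | IDii_b)
    return prf(skeyid, gxi + gxr + cky_i + cky_r + sai_b + idii_b)


def hash_r(skeyid, gxi, gxr, cky_i, cky_r, sai_b, idir_b):
    # HASH_R = prf(SKEYID, g^xr | g^xi | CKY-R | CKY-I | SAi_b | IDir_b)
    return prf(skeyid, gxr + gxi + cky_r + cky_i + sai_b + idir_b)


def main_mode_psk(psk_i: bytes, psk_r: bytes, xi: int, xr: int, rng=os.urandom) -> dict:
    """Run the six Main Mode messages between an initiator holding psk_i and a
    responder holding psk_r (private DH exponents xi, xr). Returns the bytes
    that crossed the wire and whether each side accepted the other's hash."""
    # Messages 1-2: cookies and the SA proposal (all P1 parameters travel together).
    cky_i, cky_r = rng(8), rng(8)
    sai_b = b"ENC=AES-128;HASH=SHA;AUTH=PSK;DH=toy;LIFE=86400"   # constructed body
    # Messages 3-4: KE payloads (DH public values) and nonces, still in the clear.
    gxi, gxr = i2b(pow(G, xi, P)), i2b(pow(G, xr, P))
    ni, nr = rng(16), rng(16)
    wire = cky_i + sai_b + cky_r + gxi + ni + gxr + nr
    # Each side derives SKEYID from its OWN copy of the PSK plus the two nonces.
    skeyid_init = skeyid_psk(psk_i, ni, nr)
    skeyid_resp = skeyid_psk(psk_r, ni, nr)
    gxy_init = i2b(pow(int.from_bytes(gxr, "big"), xi, P))
    gxy_resp = i2b(pow(int.from_bytes(gxi, "big"), xr, P))
    # Messages 5-6: identities plus HASH_I / HASH_R (encrypted under SKEYID_e in real IKE).
    idii_b, idir_b = b"initiator.example", b"responder.example"
    h_i = hash_i(skeyid_init, gxi, gxr, cky_i, cky_r, sai_b, idii_b)
    h_r = hash_r(skeyid_resp, gxi, gxr, cky_i, cky_r, sai_b, idir_b)
    wire += idii_b + h_i + idir_b + h_r
    # Verification: recompute the peer's hash with the local SKEYID; a PSK mismatch
    # shows up here even though the DH exchange itself completed normally.
    resp_accepts = hmac.compare_digest(
        h_i, hash_i(skeyid_resp, gxi, gxr, cky_i, cky_r, sai_b, idii_b))
    init_accepts = hmac.compare_digest(
        h_r, hash_r(skeyid_init, gxi, gxr, cky_i, cky_r, sai_b, idir_b))
    return {
        "dh_secret_matches": gxy_init == gxy_resp,
        "authenticated": resp_accepts and init_accepts,
        "wire": wire,
        "keys_initiator": derive_keys(skeyid_init, gxy_init, cky_i, cky_r),
    }


if __name__ == "__main__":
    ok = main_mode_psk(b"s3cret", b"s3cret", 12345, 67890)
    bad = main_mode_psk(b"s3cret", b"wrong-psk", 12345, 67890)
    print("same PSK   -> authenticated:", ok["authenticated"])
    print("wrong PSK  -> DH completes:", bad["dh_secret_matches"],
          "authenticated:", bad["authenticated"])
    print("PSK bytes on the wire:", b"s3cret" in ok["wire"])
```

The run answers both questions in the thread: the PSK does feed the session keys (SKEYID_d/a/e all hang off SKEYID, which is keyed by the PSK), and a listener on the wire sees only cookies, the proposal, DH public values, nonces and two HMAC outputs, none of which is the PSK itself.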

johnlloyd_13
Level 9

Hi,

I've encountered this article a few weeks back during my CCNA Security studies. It details IKE SA and message exchanges with debug samples. Hope you'll find it useful as I did.

http://www.informit.com/library/content.aspx?b=Troubleshooting_VPNs&seqNum=70a