Perfect forward secrecy. Ephemeral Diffie-Hellman key exchange used in conjunction with the SKIP key distributions protocol provides PFS where required.
Perfect Forward Secrecy is an IPSec keying method that uses a brand new key for each new IPSec SA setup. The keys are created by new key exchanges, see Diffie-Hellman.
Perfect Forward Secrecy. With Perfect Forward Secrecy the exposure of one key permits access only to data protected by that key. When PFS is configured, the IKE daemon creates a new ISAKMP SA for each IPSec SA negotiation and performs a Diffie-Hellman exchange for each IPSec SA negotiation.