Provider-provisioned virtual private networks are nowadays well-established networking concepts. They are envisaged as an extension of the basic VPN concept to securely network low-capacity nodes in large-scale personal networks, with the help of network providers. This article presents an adaptation of the Internet Key Exchange (IKEv2) protocol to the context of dynamic tunneling in personal networks. It relies on the providers' infrastructure to build identity-based security associations. Results of a preliminary security analysis are also provided.