Authenticated key agreement protocol is one of the important cryptographic primitives to ensure secure communication in an open network. Certificateless public key cryptography (CL-PKC) represents an interesting and potentially useful balance between public key cryptography based on certificates and identity-based cryptography. The topic of CL-PKC has undergone quite rapid development with schemes being proposed for encryption and signatures, while certificateless authenticated key agreement protocols are seldom discussed. In this paper, we present a secure two-party authenticated key agreement protocol based on an efficient certificateless public key encryption with pairing. Such a scheme achieves almost all of the security attributes, including known-key secrecy, perfect forward secrecy, PKG forward secrecy, key-compromise impersonation resilience, unknown key-share resilience, known session-specific temporary information security, message independence and no key control. Meanwhile, it is also practical with nice efficiency.