It is always worth using the search facility on CLN.
Phase 1 is IKE where you start things out... Diffie-Hellman is used to set up your negotiation and setup of your traffic-encryption keys to get started. Your IKE SA will be completed here.
Phase 2 is IPSec (ISAKMP) where you get into what specifics you set up in your policies to have your keys set. This is the traffic keys themselves. And the traffic is getting encrypted here. IPSec SA is present if everything goes well.
Phase 2 is already expecting the key information but it comes FROM phase 1.
Dear Scott morris,
thanks for your support. I read your previous posts.
I need your 1 hour of time to discuss VPNs. We can discuss on gtalk or skype.
Please let us know the feasibility.
Thanks for your help.
It's better to post questions here for the world to see.....
While I don't mind spending time with people, the scalability of spending an hour personally with you and then with the hundreds of others who'd like to do that makes it a little difficult without billing for my time!
So feel free to post any questions (best to have new threads for each so that others may benefit), and I'll be happy to help!
Thanks for your concern.
Can any one explane the diffrent between Main mode & Aggressive mode in cisco ASA.
I think this will help you: