IKE phase 1 can be initiated in one of two modes:
Main Mode
Main mode comprises six exchanges, as explained here.
Aggressive Mode

Aggressive mode condenses IKE phase 1 into three messages.
-
The initiating device sends all necessary information: its IKE SA policy proposals, Diffie-Hellman public value, and either its preshared key or digital certificate.
-
The remote device responds with the IKE policy it has selected, its Diffie-Hellman public value, its preshared key or certificate, and authentication for the session.
-
The first device replies, authenticating the remote device and establishing the IKE SA.
Aggressive mode is quicker than main mode. However, because it requires devices to send identifying information before exchanges are encrypted, it is less secure.

|