IKE (Internet Key Exchange) is the protocol that allows the exchange and management of keys and other parameters securely during initial negotiation, between the parties implied in the IPSec tunnel.
The set of security protocols, authentication parameters and keys to be used in a certain IPSec VPN session is known as Security Association (SA).
The activities of this protocol can be divided into two phases:
IKE I: During the first phase, a secure channel is established which protects the next phase of negotiation. This phase is repeated much less frequency than the IKE II phase.
IKE II: The main objective of the IKE II phase is to negotiate and exchange the Security Association to be used during the VPN session to protect IP traffic.
For more information about how to configure the IKE I and IKE II phase policies, click here.