Chapter 10 IPsec VPN : IPsec VPN concepts : IKE and IPsec packet processing : IKEv1
IKEv1
Phase 1
A peer, identified in the IPsec policy configuration, begins the IKE negotiation process. This IKE Security Association (SA) agreement is known as Phase 1. The Phase 1 parameters identify the remote peer or clients and support authentication through preshared keys or digital certificates. You can increase access security further using peer identifiers, certificate distinguished names, group names, or the FortiGate extended authentication (XAuth) option for authentication purposes. Basically, Phase 1 authenticates a remote peer and sets up a secure communication channel for establishing Phase 2, which negotiates the IPsec SA.
IKE Phase 1 can occur in either Main mode or Aggressive mode. For more information, see “Choosing Main mode or Aggressive mode”.
IKE Phase 1 is successful only when the following are true:
Each peer negotiates a matching IKE SA policy.
Each peer is authenticated and their identities protected.
The Diffie-Hellman exchange is authenticated (the pre-shared secret keys match).
For more information on Phase 1, see “Phase 1 parameters”.
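The three Phase 1 conditions above can be made concrete with a small model. The following is an added example, not FortiGate code or the page's own material: it shows a responder picking the first initiator proposal that matches its own IKE SA policy, and then the pre-shared-key authentication of the Diffie-Hellman exchange as RFC 2409 section 5.4 defines it (SKEYID = prf(psk, Ni | Nr), HASH_I = prf(SKEYID, g^xi | g^xr | CKY-I | CKY-R | SAi_b | IDii_b)). The DH group is a toy 127-bit group constructed for illustration, HMAC-SHA256 stands in for the negotiated prf, and the tuple format for proposals is an assumption of this example. The point it makes is the one in the list above: both peers always arrive at the same g^xy, but the exchange is only authenticated when the pre-shared secrets match.

```python
"""Toy IKEv1 Phase 1: IKE SA proposal matching plus PSK-authenticated DH (RFC 2409 5.4).
Added example, not FortiGate code. The DH group is a toy group and is NOT secure."""
import hmac
import hashlib
import os

# Toy DH group, constructed for illustration (real IKE uses MODP groups such as group 14).
P = (1 << 127) - 1   # Mersenne prime M127
G = 3


def negotiate_ike_sa(initiator_proposals, responder_policy):
    """The responder accepts the first initiator proposal that also appears in its own
    policy. Returns None when nothing matches, i.e. Phase 1 fails at the SA step."""
    acceptable = set(responder_policy)
    for proposal in initiator_proposals:
        if proposal in acceptable:
            return proposal
    return None


def prf(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 stands in for the negotiated pseudo-random function."""
    return hmac.new(key, data, hashlib.sha256).digest()


def encode(n: int) -> bytes:
    """Fixed-width big-endian encoding of a group element."""
    return n.to_bytes((P.bit_length() + 7) // 8, "big")


class Peer:
    """Per-peer Phase 1 state: pre-shared key, identity, DH exponent, nonce and cookie."""

    def __init__(self, psk: bytes, identity: bytes):
        self.psk = psk
        self.identity = identity                      # IDii_b / IDir_b payload body
        self.x = int.from_bytes(os.urandom(16), "big") % (P - 2) + 2   # private exponent
        self.gx = pow(G, self.x, P)                   # public value g^x
        self.nonce = os.urandom(16)                   # Ni_b / Nr_b
        self.cookie = os.urandom(8)                   # CKY-I / CKY-R


def skeyid(psk: bytes, ni: bytes, nr: bytes) -> bytes:
    # RFC 2409: for pre-shared keys, SKEYID = prf(pre-shared-key, Ni_b | Nr_b)
    return prf(psk, ni + nr)


def hash_i(sk: bytes, gxi: int, gxr: int, cky_i: bytes, cky_r: bytes,
           sai_b: bytes, idii_b: bytes) -> bytes:
    # HASH_I = prf(SKEYID, g^xi | g^xr | CKY-I | CKY-R | SAi_b | IDii_b)
    return prf(sk, encode(gxi) + encode(gxr) + cky_i + cky_r + sai_b + idii_b)


def phase1_psk_exchange(initiator: Peer, responder: Peer, sai_b: bytes):
    """Run the authenticated DH between two peers.

    Returns (dh_secrets_agree, initiator_authenticated). Keeping the two apart shows
    that a completed DH exchange on its own proves nothing about who the peer is."""
    # Both sides compute g^xy; this succeeds no matter what PSKs they hold.
    shared_i = pow(responder.gx, initiator.x, P)
    shared_r = pow(initiator.gx, responder.x, P)

    # Initiator derives SKEYID from its PSK and sends HASH_I.
    sk_i = skeyid(initiator.psk, initiator.nonce, responder.nonce)
    sent = hash_i(sk_i, initiator.gx, responder.gx,
                  initiator.cookie, responder.cookie, sai_b, initiator.identity)

    # Responder recomputes HASH_I with its own PSK; a mismatch fails authentication.
    sk_r = skeyid(responder.psk, initiator.nonce, responder.nonce)
    expected = hash_i(sk_r, initiator.gx, responder.gx,
                      initiator.cookie, responder.cookie, sai_b, initiator.identity)

    return shared_i == shared_r, hmac.compare_digest(sent, expected)
```

Run with two peers sharing a PSK and `phase1_psk_exchange` returns `(True, True)`; give the responder a different PSK and it returns `(True, False)`: the DH secret still agrees, but HASH_I no longer verifies, which is the failure an operator sees as a Phase 1 authentication error rather than a proposal mismatch.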
Phase 2
Phase 2 parameters define the algorithms that the FortiGate unit can use to encrypt and transfer data for the remainder of the session in an IPsec SA. The basic Phase 2 settings associate IPsec Phase 2 parameters with a Phase 1 configuration.
In Phase 2, the VPN peer or client and the FortiGate unit exchange keys again to establish a more secure communication channel. The Phase 2 Proposal parameters select the encryption and authentication algorithms needed to generate keys for protecting the implementation details of the SA. The keys are generated automatically using a Diffie-Hellman algorithm.
In Phase 2, Quick mode selectors determine which IP addresses can perform IKE negotiations to establish a tunnel. By only allowing authorized IP addresses access to the VPN tunnel, the network is more secure. For more information, see “Quick mode selectors”.
IKE Phase 2 is successful only when the following are true:
The IPsec SA is established and protected by the IKE SA.
The IPsec SA is configured to renegotiate after set durations (see “Autokey Keep Alive” and “Auto-negotiate”).
Optional: Replay Detection is enabled. Replay attacks occur when an unauthorized party intercepts a series of IPsec packets and replays them back into the tunnel. See “Replay Detection”.
Optional: Perfect Forward Secrecy (PFS) is enabled. PFS improves security by forcing a new Diffie-Hellman exchange whenever keylife expires. See “Perfect Forward Secrecy (PFS)”.
For more information on Phase 2, see “Phase 2 parameters”.
With Phase 2 established, the IPsec tunnel is fully negotiated and traffic between the peers is allowed until the SA terminates (for any number of reasons: time-out, interruption, disconnection, and so on).
The entire IKEv1 process is demonstrated in the following diagram: