Choosing the IKE version
If you create a route-based VPN, you have the option of selecting IKE version 2. Otherwise, IKE version 1 is used.
IKEv2, defined in
RFC 4306, simplifies the negotiation process that creates the security association (SA).
If you select IKEv2:
• There is no choice in Phase 1 of Aggressive or Main mode.
• FortiOS does not support Peer Options or Local ID.
• Extended Authentication (XAUTH) is not available.
• You can select only one Diffie-Hellman Group.
• You can utilize EAP and MOBIKE.