Phase creates an ISAKMP SA (Security Association). The peers authenticate each other and agree on:
- Encryption algorithm (AES-, for example)
- Hash algorithm (SHA- or SHA-)
- Authentication method (pre-shared key or certificates)
- Diffie-Hellman group for key exchange
Phase can run in Main Mode ( messages, more secure) or Aggressive Mode ( messages, faster but exposes identity information).