¨Agreeing on a set of parameters that are to be used to authenticate the two peers
¨Agreeing on parameters used to encrypt a portion of the main mode and all of the quick mode messages
¨None of the aggressive mode messages are encrypted
¨Authenticate the two peers to each other
¨Generate keys used to generate keying material for subsequent encryption of data
¨All of the parameters negotiated and the keys used to generate keys for encryption are stored as IKE or ISAKMP security association (SA)