VPN Client Initiates IKE Phase 1 Process
When initiating the VPN connection, the client can use one of the following two IKE
authentication mechanisms:
■ Preshared keys
■ Digital certificates
When using preshared keys, the client initiates IKE aggressive mode negotiation. The group
name entered in the configuration GUI (ID-KEY-ID) is used to identify the group profile
associated with the VPN Client.
Using digital certificates requires the client to initiate IKE main mode negotiation. The
Organizational Unit (OU) field of the distinguished name (DN) is used to identify the group
profile associated with the VPN Client.