i get confused about the IPSec IKE when preparing ISCW test.
According to Cisco textbook,
IKE phase 1 will negociate encryption method, like 3DES or DES, but IKE phase 2 will also negociate encryption again, you can choose esp_3des or esp_des, etc.
Why the encryption can be defined twice?
Even not clear why we split the IKE into 2 phases, while they just negociate with the other end about the security parameters?