The outcome of an IKE negotiation is a Security Association (SA). IKE builds the VPN tunnel by authenticating both sides and reaching an agreement on methods of encryption and integrity. This key then encrypts and decrypts the regular IP packets used in the bulk transfer of data between VPN peers. The goal of the Internet Key Exchange (IKE) is for both sides to independently produce the same symmetrical key. Information can be securely exchanged only if the key belongs exclusively to the communicating parties. The material used to build these keys must be exchanged in a secure fashion. In symmetric cryptographic systems, both communicating parties use the same key for encryption and decryption.
