Correct answer: A, C, D
Explanation
https://supportforums.cisco.com/t5/security-documents/main-mode-vs-aggressive-mode/ta-p/3123382
Main Mode - An IKE session begins with the initiator sending a proposal or proposals to the responder. The proposals define what encryption and authentication protocols are acceptable, how long keys should remain active, and whether perfect forward secrecy should be enforced, for example. Multiple proposals can be sent in one offering. The first exchange between nodes establishes the basic security policy; the initiator proposes the encryption and authentication algorithms it is willing to use. The responder chooses the appropriate proposal (we'll assume a proposal is chosen) and sends it to the initiator. The next exchange passes Diffie-Hellman public keys and other data. All further negotiation is encrypted within the IKE SA. The third exchange authenticates the ISAKMP session. Once the IKE SA is established, IPSec negotiation (Quick Mode) begins.

Aggressive Mode - Aggressive Mode squeezes the IKE SA negotiation into three packets, with all data required for the SA passed by the initiator. The responder sends the proposal, key material and ID, and authenticates the session in the next packet. The initiator replies by authenticating the session. Negotiation is quicker, and the initiator and responder ID pass in the clear.

Quick Mode - IPSec negotiation, or Quick Mode, is similar to an Aggressive Mode IKE negotiation, except negotiation must be protected within an IKE SA. Quick Mode negotiates the SA for the data encryption and manages the key exchange for that IPSec SA.
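
The difference in what an observer can read is visible in the ISAKMP header itself. The following added example (not part of the original page or the Cisco document) parses an IKEv1 packet, names the mode from the exchange type, and lists the payloads that travel unencrypted. The exchange and payload type numbers are taken from RFC 2408/2409 as an assumption, the function names are hypothetical, and both sample packets are constructed rather than captured.

```python
import struct

# IKEv1 constants from RFC 2408/2409 (assumed here; not on the original page).
EXCHANGES = {2: "Main Mode", 4: "Aggressive Mode", 32: "Quick Mode"}
PAYLOADS = {1: "SA", 4: "KE", 5: "ID", 8: "HASH", 10: "NONCE"}
FLAG_ENCRYPTED = 0x01
# cookies (2 x 8 bytes), next payload, version, exchange, flags, message ID, length
HDR = struct.Struct("!8s8sBBBBII")

def inspect_isakmp(pkt: bytes) -> dict:
    """Report the IKEv1 mode and the payloads a passive observer can read."""
    if len(pkt) < HDR.size:
        raise ValueError("shorter than the 28-byte ISAKMP header")
    _, _, nxt, _, exch, flags, _, length = HDR.unpack_from(pkt)
    if length != len(pkt):
        raise ValueError("header length field does not match packet size")
    encrypted = bool(flags & FLAG_ENCRYPTED)
    visible, off = [], HDR.size
    # The payload chain can only be walked when the encryption flag is clear.
    while not encrypted and nxt != 0:
        if off + 4 > len(pkt):
            raise ValueError("truncated payload header")
        following, _, plen = struct.unpack_from("!BBH", pkt, off)
        if plen < 4 or off + plen > len(pkt):
            raise ValueError("bad payload length")
        visible.append(PAYLOADS.get(nxt, f"type-{nxt}"))
        nxt, off = following, off + plen
    return {"mode": EXCHANGES.get(exch, f"exchange-{exch}"),
            "cleartext": visible, "id_exposed": "ID" in visible}

def chain(payloads) -> bytes:
    """Encode [(type, body), ...] as a cleartext ISAKMP payload chain."""
    out = b""
    for i, (_, data) in enumerate(payloads):
        following = payloads[i + 1][0] if i + 1 < len(payloads) else 0
        out += struct.pack("!BBH", following, 0, 4 + len(data)) + data
    return out

def packet(exchange: int, flags: int, first: int, body: bytes) -> bytes:
    """Prepend an ISAKMP header (constructed cookies, version 1.0) to body."""
    return HDR.pack(b"I" * 8, b"R" * 8, first, 0x10, exchange, flags, 0,
                    HDR.size + len(body)) + body

# Constructed samples, not captured traffic.
AGGRESSIVE_MSG1 = packet(4, 0, 1, chain(
    [(1, b"\0" * 8), (4, b"\x11" * 16), (10, b"\x22" * 8), (5, b"vpn-user")]))
MAIN_MSG5 = packet(2, FLAG_ENCRYPTED, 5, b"\xaa" * 32)  # ID + HASH as ciphertext

if __name__ == "__main__":
    for name, pkt in (("aggressive #1", AGGRESSIVE_MSG1), ("main #5", MAIN_MSG5)):
        print(name, inspect_isakmp(pkt))
```
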