Hashing is used to make sure that a message sent from the sender has not been changed while in transit (this includes the identity of the sender). As Cisco and others might like to call it, it ensures the integrity of the message. This is a one time thing so a message that has been hashed cannot be un-hashed.
Encryption is used to protect the data so that no one other than the reciever is able to read it. This requires a key, either a pre-shared key, certificate, etc. where the sender encrypts the data with the public key of the reciever and the reciever decrypts the message with their private key.
tanks for your reply,but my question was about the difference between choosing encryption algorithm in ike policies and choosing encryption algorithm in transform set while configuring ipsec and the same question to hashing algorithms
The encryption algorithm in ISAKMP / Phase 1 is used to secure the VPN management negotiations. It is through this tunnel that IPsec is negotiated not to mention rekeys also. IPsec / Phase 2 encryption is used to secure the data that is going to be transmitted over the VPN.
Hashing, as I mentioned earlier is for ensuring that the message has not been altered while in transit. In ISAKMP there is always a hash being used, even if you do not confiugure one. If you do not specify a hash, it will default to group2. configuring a hash in IPsec (PFS) just adds a second layer of security for the encrypted tunnel but is not required. Keep in mind though the the stronger the hash algorithm the more processing power is used as it is constantly hashing. If you have several VPNs be mindfull of how you configure your IPsec hash.