I was wondering, is it possible to explicitly set the IKE SA policy through the tunnel group settings? My understanding is the first isakmp policy that matches on both ends is the selected one.
I want to make sure the SA settings I gave to the other company are the one we told them without impacting any other existing VPN tunnels.
To be more expliciti want to make sure, encryption aes, hash sha,DH group 2, are the settings that will be used and nothing else. All this without removing existing isakmp policies (if possible).