Is it possible to create a crypto map with entries that include crypto acls to the most specific network destinations first, and finishing with the least specific network destination (much like routing, the most specific route is taken, even when part of a larger network that is routed to a different gateway).
A part of the hypothetical config is below:
access-list 101 extended permit ip host 188.8.131.52 10.0.0.0 255.255.255.248
access-list 102 extended permit ip host 184.108.40.206 10.0.0.0 255.255.255.0
crypto map HQ 1 match address 101
crypto map HQ 1 set peer 220.127.116.11
crypto map HQ 1 set transform-set strong
crypto map HQ 2 match address 102
crypto map HQ 2 set peer 18.104.22.168
crypto map HQ 2 set transform-set strong
crypto map HQ interface outside
10.0.0.0/29 is within 10.0.0.0/24, but more specific. My understanding is that b/c entry 1 is matched first, it will not interfere with entry 2.