I have a Cisco 2811, with L2L vpns and vpn clients configured using static / dynamic crypto maps
These maps are then applied to the Dialer0 interface, and everything works fine !!
Now, I am trying to add a new VPN connection to Amazon VPC, using generated configs.
This config, uses what I belive is the newer method of using Tunnel interfaces.
However, when I add the new config, the ISAKMP fails after entering main mode exchange.
My questions is : Can the two configs methods (crypto maps and Tunnel ) co-exist ??
A doc I found entitled "IpSec Vitrual Tunnel Interfaces" says :-
"IKE SA is bound to the VTI. Because IKE SA is bound to the VTI, the same IKE SA cannot be used for a crypto map".
Not sure what "same sa" means.