Alright, I've been banging my head against the wall trying to figure this out.
When configuring the IPsec ISAKMP peers, why do I need to use the ip addresses the peers physical interface instead of the IP address of the peer GRE tunnel?
crypto isakmp policy 10
crypto isakmp key CISCO address 184.108.40.206
crypto ipsec transform-set MyTransSet esp-3des esp-sha-hmac
crypto ipsec profile MyProfile
set transform-set MyTransSet
ip address 10.254.25.4 255.255.255.254
tunnel source 220.127.116.11
tunnel destination 18.104.22.168
tunnel mode ipsec ipv4
tunnel protection ipsec profile MyProfile
For the ISAKMP peer, I'm using the physical interface address of the destination router. Why?
Huge thanks in advance.