I'm wondering if anyone else has had similar issues.
We have a working IPSEC tunnel, we go to add additional crypto acl entries to said tunnel (on both sides) and the tunnel crashes and won't come back up. Now we remove the new entries and the tunnel still won't come back up. On further inspection of the crytpo acl's on both sides, they do not match(and didn't when the tunnel was working). How did the tunnel work before, why is it not working now?
To fix the issue we made both sides of the crypto acl match and then had to remove the crypto map for that tunnel and reapply it, then the tunnel came back.
Anyone know why the tunnel even after making both sides match would still not come up without removing the crypto map and reapplying it?