It is not possible to use the HSRP virtual address as the peer address for a site to site VPN. There are several reasons but the most important reason is that the IPSec negotiation between peers would fail because the router will not use the HSRP virtual address as the source address of a packet. And if the IPSec negotiation packet source address is not the peer address then the negotiation will fail.
If you are thinking of the HSRP concept in terms of providing failover capability then it may be possible to create site to site VPN using HSRP concept. On the remote router configure the IPSec with two peer addresses in the set peer statement (and configure an IPSec tunnel on each of the HSRP routers). Then the remote will negotiate one tunnel with the first router as primary and the second router as failover.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...