Hi all, We are impelementing IPSec manual site to site because other site doesn't support IKE. I know that if you implement IPSec manual keying -- ACL's for crypto map entries tagged as ipsec-manual are restricted to as single permit entry and subsequent entries are ignored. -- The SAs established by a manual crypto map entry are only for a single data flow.
IKE doesn't have any restrictions like that. Is this because of IKE automatically assigns SPI numbers to the other permit entries for the same access-list. Or is there any other reason? I know the solution for the IPSec manual restriction of permit entries. I want to know why is this restriction. Because of one SPI for one permit entry? Any help will be really appreciated. Best regards, Cisco Breaker Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57448&t=57448 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
