We use iPSK for devices which don't belong to the company but require internet access, so this goes via a mobility anchor
I'm just testing for a internal version of the ipsk, but all traffic seems to be hitting the policy for the external setup.
The calling station is different, the end point group is correct, the policy allows access.
Question is can you have 2 separate policy sets for ipsk, one for a internal wireless network and 1 for a mobility anchor?
Cheers