Hi,

How to Terminate vpn using subinterface? This is may current config:

crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp key x.x.x.x address 211.11.11.11
!
crypto ipsec security-association lifetime seconds 14400
!
crypto ipsec transform-set ESP-3DES-SHA10 esp-3des esp-sha-hmac
!
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Tunnel to Remote
set peer 211.11.11.11
set security-association lifetime seconds 3600
set transform-set ESP-3DES-SHA10
match address 111
!
interface GigabitEthernet0/0
description $ETH-WAN$
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/0.10
encapsulation dot1Q 600 native
ip address 111.111.111.113 255.255.255.252
ip nat outside
ip virtual-reassembly
crypto map SDM_CMAP_1
!
interface GigabitEthernet0/0.11
encapsulation dot1Q 650
ip address 222.222.222.222 255.255.255.248
!
interface GigabitEthernet0/0.12
encapsulation dot1Q 700
ip address 333.333.333.333 255.255.255.248
!
interface GigabitEthernet0/0.13
encapsulation dot1Q 750
ip address 444.444.444.444 255.255.255.240
!
interface GigabitEthernet0/1
description $ETH-LAN$
ip address 192.168.9.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
ip route 0.0.0.0 0.0.0.0 111.111.111.112
!
ip nat inside source list 105 interface GigabitEthernet0/0.10 overload
!
access-list 105 deny   ip 192.168.9.0 0.0.0.255 192.168.8.0 0.0.0.255
access-list 105 permit ip 192.168.9.0 0.0.0.255 any
access-list 111 permit ip 192.168.9.0 0.0.0.255 192.168.8.0 0.0.0.255

What i need to do is to use the interface GigabitEthernet0/0.11 as the peer of the remote router and still be able to stablish vpn. Any help please.

Thank you