Lets say I have two IPSec connections on a ISR4k router:
crypto isakmp key aaaaaaaaaaaaaaaaaa address 192.168.1.1 255.255.255.255
crypto isakmp key bbbbbbbbbbbbbbbbbb address 192.168.2.2 255.255.255.255
Is it safe to add now one of the following lines for other IPSec connections, without bringing the current IPSec's down?
crypto isakmp key xxxxxxxxxxxxxxxxxxxx address 192.168.0.0 255.255.0.0
crypto isakmp key yyyyyyyyyyyyyyyyyyyy address 0.0.0.0 0.0.0.0
Will the IPSec connections to 192.168.1.1 and 192.168.2.2 stay up, because the address for key aaaaaaaa/bbbbbbb is more-specific (/32)? Or is it possible that the router uses the wrong key, xxxxxxxxxx/yyyyyyyyyy, for 192.168.1.1, because this address has more then one keys (one as /32 and one as /16 or /0)?
Or is it better to work with keyrings, if I have such overlapping addresses?