I am planning to replace my old routers with ISR 4431 IOS-XE. In my design i have port channel configured through which multiple sub interfaces are configured.
The problem is that, crypto map are not supported on Port-channel interfaces. Due to it cisco has provided the workaround to implement multi SA VTI and according to cisco Multi SA vti are backward compatible with crypto map.
I need to know if someone has experience in establishing Sire-to-Site vpns between Multi SA vti on one side and crypto map on remote side.
Need you suggestion.