HiPlatformMy end : Cisco ASR1001Far end : Palo AltoI am trying to establish  GRE over IPSEC tunnel with a customer using Palo Alto which fails when Palo Alto tries to initiate (role initiator) and Asr1001 is the responder. When the roles are switched...

Platform:ASR1000Ver: 17.3.4aSymptom: Similar to bug reported under CSCvh18158 -- no policy/proposal is matched though its specifically configured for peer and multiple ikev2 SA active sessions are established with status Up-idleError:Jun 29 19:32:08....