Cisco CSR1000v always sends Traffic selectors 0.0.0.0/0 - 0.0.0.0/0 with IKEv1
Can you let the Cisco CSR 1000v team know that there is an issue when Cisco CSR 1000v acts as initiator in AWS cloud?
It sends 0.0.0.0/0 and 0.0.0.0/0 for SRC/DST Traffic selectors even if the configured Traffic selectors are specific i.e.
permit ip 10.0.0.0 0.0.255.255 10.150.150.0 0.0.0.255
crypto isakmp policy 10
 encr aes
 authentication pre-share
 group 5
crypto isakmp key cisco address X.X.X.X
crypto isakmp nat keepalive 20
!
!
crypto ipsec transform-set TS esp-aes esp-sha-hmac
 mode tunnel
!
!
!
crypto map cmap 10 ipsec-isakmp
 set peer X.X.X.X
 set transform-set TS
 match address cryptoacl
!
!
!
!
!
!
!
!
interface GigabitEthernet1
 ip address dhcp
 negotiation auto
 crypto map cmap
!
ip access-list extended cryptoacl
 permit ip 10.0.0.0 0.0.255.255 10.150.150.0 0.0.0.255
The configuration is with crypto map and
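Added example, not part of the original post and not Cisco code: a Python check a responder-side admin could use to compare the selectors a peer offers against what the posted crypto ACL should produce. The function names and the classification labels are assumptions made for this example; only plain "permit ip <addr> <wildcard> <addr> <wildcard>" entries are handled.

```python
import ipaddress
import re

# Constructed input: the crypto ACL as posted above.
CONFIG = """\
ip access-list extended cryptoacl
 permit ip 10.0.0.0 0.0.255.255 10.150.150.0 0.0.0.255
"""

ACE = re.compile(r"permit ip (\S+) (\S+) (\S+) (\S+)")

def wildcard_to_network(addr, wildcard):
    """Turn an IOS 'address wildcard' pair into an IPv4Network."""
    w = int(ipaddress.IPv4Address(wildcard))
    if w & (w + 1):  # wildcard must be contiguous low bits (2^k - 1)
        raise ValueError(f"non-contiguous wildcard {wildcard}")
    # strict=True rejects an address with host bits set under that mask
    return ipaddress.ip_network(f"{addr}/{32 - w.bit_length()}", strict=True)

def expected_selectors(config, acl_name):
    """Return [(src_net, dst_net)] for the 'permit ip' entries of acl_name."""
    pairs, in_acl = [], False
    for raw in config.splitlines():
        line = raw.strip()
        if line.startswith("ip access-list "):
            in_acl = line == f"ip access-list extended {acl_name}"
        elif in_acl:
            m = ACE.fullmatch(line)
            if not m:          # any other line ends the ACL body
                in_acl = False
                continue
            s, sw, d, dw = m.groups()
            pairs.append((wildcard_to_network(s, sw),
                          wildcard_to_network(d, dw)))
    return pairs

def classify(offered_src, offered_dst, expected):
    """Compare an offered selector pair with the configured ones."""
    off = (ipaddress.ip_network(offered_src), ipaddress.ip_network(offered_dst))
    if off in expected:
        return "match"
    if any(s.subnet_of(off[0]) and d.subnet_of(off[1]) for s, d in expected):
        return "wider-than-configured"   # the case reported in this post
    return "mismatch"

if __name__ == "__main__":
    exp = expected_selectors(CONFIG, "cryptoacl")
    print(exp, classify("0.0.0.0/0", "0.0.0.0/0", exp))
```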