in flex vpn spoke has two tunnels to same Hub.and wanna use ip address negotiated function on these tunnels and pools created on hub.but issue is spoke tunnels somehow assign ip address from each other's pools on hub.even using fully different configs for tunnels on spoke and hub  does not help.config provided below

HUB1
aaa new-model
aaa authorization network FLEX_NETWORK local
aaa authorization network FLEX_NETWORK2 local

crypto ikev2 authorization policy FLEX_AUTHOR
pool SPOKES
route set interface
crypto ikev2 authorization policy FLEX_AUTHOR2
pool SPOKES2
route set interface

ip local pool SPOKES 10.77.77.2 10.77.77.100
ip local pool SPOKES2 10.77.78.2 10.77.78.100

crypto ikev2 keyring AMS_KEYRING
peer SPOKES
address 0.0.0.0 0.0.0.0
pre-shared-key AMSKEY
crypto ikev2 keyring AMS_KEYRING2
peer SPOKES2
address 0.0.0.0 0.0.0.0
pre-shared-key AMSKEY

crypto ikev2 profile AMS_PRO
match identity remote address 0.0.0.0
authentication remote pre-share
authentication local pre-share
keyring local AMS_KEYRING
aaa authorization group psk list FLEX_NETWORK FLEX_AUTHOR
virtual-template 1
crypto ikev2 profile AMS_PRO2
match identity remote address 0.0.0.0
authentication remote pre-share
authentication local pre-share
keyring local AMS_KEYRING2
aaa authorization group psk list FLEX_NETWORK2 FLEX_AUTHOR2
virtual-template 2

crypto ipsec profile IPSEC_PRO
set ikev2-profile AMS_PRO
crypto ipsec profile IPSEC_PRO2
set ikev2-profile AMS_PRO2

interface Loopback100
ip address 10.77.77.1 255.255.255.0
interface Loopback200
ip address 10.77.78.1 255.255.255.0

interface Virtual-Template1 type tunnel
ip unnumbered Loopback100
ip nhrp network-id 100
tunnel protection ipsec profile IPSEC_PRO
interface Virtual-Template2 type tunnel
ip unnumbered Loopback200
ip nhrp network-id 200
tunnel protection ipsec profile IPSEC_PRO2

SPOKE
aaa new-model
aaa authorization network FLEX_NETWORK local
aaa authorization network FLEX_NETWORK local
crypto ikev2 authorization policy FLEX_AUTHOR
route set interface
crypto ikev2 authorization policy FLEX_AUTHOR2
route set interface
crypto ikev2 keyring AMS_KEYRING
peer Hub1
address 94.20.65.200
pre-shared-key AMSKEY
crypto ikev2 keyring AMS_KEYRING2
peer Hub2
address 134.1.1.1
pre-shared-key AMSKEY
crypto ikev2 profile AMS_PRO
match identity remote address 94.20.65.200 255.255.255.255
authentication remote pre-share
authentication local pre-share
keyring local AMS_KEYRING
aaa authorization group psk list FLEX_NETWORK FLEX_AUTHOR
virtual-template 1
crypto ikev2 profile AMS_PRO2
match identity remote address 134.1.1.1 255.255.255.255
authentication remote pre-share
authentication local pre-share
keyring local AMS_KEYRING2
aaa authorization group psk list FLEX_NETWORK2 FLEX_AUTHOR2
virtual-template 2
rypto ipsec profile IPSEC_PRO
set ikev2-profile AMS_PRO
crypto ipsec profile IPSEC_PRO2
set ikev2-profile AMS_PRO2
interface Tunnel0
ip address negotiated
ip nhrp network-id 100
tunnel source GigabitEthernet0/0/0
tunnel destination 94.20.65.205
tunnel protection ipsec profile IPSEC_PRO
interface Tunnel1
ip address negotiated
ip nhrp network-id 200
tunnel source GigabitEthernet0/0/0
tunnel destination 134.1.1.1
tunnel protection ipsec profile IPSEC_PRO2