Hi!
I don't know IPSec very well and I'm asking for help in solving an authentication problem.
I have a crypto map, to which I add the settings of another peer (sequence 300):

interface Port-channel1.1000
encapsulation dot1Q 1000
ip address yyy.yyy.yyy.77 255.255.255.252
ip nat outside
crypto map crypto-map-1000

crypto map crypto-map-1000 100 ipsec-isakmp
set peer xxx.xxx.xxx.11
set transform-set ESP-AES256-SHA256-HMAC
set ikev2-profile peer1-via-1000
match address peer1-list

crypto map crypto-map-1000 200 ipsec-isakmp
set peer xxx.xxx.xxx.22
set transform-set ESP-AES-SHA-HMA
set pfs group5
match address peer2-list

crypto map crypto-map-1000 300 ipsec-isakmp
set peer xxx.xxx.xxx.33
set transform-set ESP-AES256-SHA256-HMAC
set pfs group14
set ikev2-profile peer3-via-1000
match address peer3-list

Debug shows:

SM Trace-> SA: I_SPI=46619F60E8047DD2 R_SPI=D147D5161FE56C88 (R) MsgID = 1 CurState: R_WAIT_AUTH Event: EV_GET_POLICY_BY_PEERID
IKEv2-INTERNAL:(5): Choosing IKE profile peer1-via-1000
IKEv2-INTERNAL:% Getting preshared key by address xxx.xxx.xxx.33
IKEv2-INTERNAL:% Getting preshared key by address xxx.xxx.xxx.33
IKEv2-INTERNAL:Adding Proposal proposal-1 to toolkit policy
IKEv2-INTERNAL:Adding Proposal proposal-2 to toolkit policy
IKEv2-INTERNAL:(SA ID = 5):Using IKEv2 profile 'peer1-via-1000'
IKEv2-INTERNAL:(SESSION ID = 1161619,SA ID = 5):SM Trace-> SA: I_SPI=46619F60E8047DD2 R_SPI=D147D5161FE56C88 (R) MsgID = 1 CurState: R_WAIT_AUTH Event: EV_SET_POLICY
IKEv2-INTERNAL:(SESSION ID = 1161619,SA ID = 5):Setting configured policies
IKEv2-INTERNAL:(SESSION ID = 1161619,SA ID = 5):SM Trace-> SA: I_SPI=46619F60E8047DD2 R_SPI=D147D5161FE56C88 (R) MsgID = 1 CurState: R_WAIT_AUTH Event: EV_VERIFY_POLICY_BY_PEERID
IKEv2-INTERNAL:(SESSION ID = 1161619,SA ID = 5):SM Trace-> SA: I_SPI=46619F60E8047DD2 R_SPI=D147D5161FE56C88 (R) MsgID = 1 CurState: R_WAIT_AUTH Event: EV_CHK_AUTH4EAP
IKEv2-INTERNAL:(SESSION ID = 1161619,SA ID = 5):SM Trace-> SA: I_SPI=46619F60E8047DD2 R_SPI=D147D5161FE56C88 (R) MsgID = 1 CurState: R_WAIT_AUTH Event: EV_CHK_POLREQEAP
IKEv2-INTERNAL:(SESSION ID = 1161619,SA ID = 5):SM Trace-> SA: I_SPI=46619F60E8047DD2 R_SPI=D147D5161FE56C88 (R) MsgID = 1 CurState: R_VERIFY_AUTH Event: EV_CHK_AUTH_TYPE
IKEv2-INTERNAL:(SESSION ID = 1161619,SA ID = 5):SM Trace-> SA: I_SPI=46619F60E8047DD2 R_SPI=D147D5161FE56C88 (R) MsgID = 1 CurState: R_VERIFY_AUTH Event: EV_GET_PRESHR_KEY
IKEv2-INTERNAL:(SESSION ID = 1161619,SA ID = 5):
SM Trace-> SA: I_SPI=46619F60E8047DD2 R_SPI=D147D5161FE56C88 (R) MsgID = 1 CurState: R_VERIFY_AUTH Event: EV_VERIFY_AUTH
IKEv2-INTERNAL:(SESSION ID = 1161619,SA ID = 5):Failed to compute authentication data
IKEv2-ERROR:(SESSION ID = 1161619,SA ID = 5):: Failed to authenticate the IKE SA
IKEv2-INTERNAL:(SESSION ID = 1161619,SA ID = 5):SM Trace-> SA: I_SPI=46619F60E8047DD2 R_SPI=D147D5161FE56C88 (R) MsgID = 1 CurState: R_VERIFY_AUTH Event: EV_AUTH_FAIL
IKEv2-INTERNAL:Construct Notify Payload: AUTHENTICATION_FAILED
Payload contents:
NOTIFY(AUTHENTICATION_FAILED)
Next payload: NONE, reserved: 0x0, length: 8
Security protocol id: Unknown - 0, spi size: 0, type: AUTHENTICATION_FAILED

I don’t understand why the Peer1-via-1000 profile is selected for Peer3 if Peer3-via-1000 is specified in the config.

Just in case, I will show the settings of these profiles:

crypto ikev2 profile peer1-via-1000
match identity remote any
authentication remote pre-share
authentication local pre-share
keyring local keyring-peer1-via-1000

crypto ikev2 keyring keyring-peer1-via-1000
peer peer1
address xxx.xxx.xxx.11
pre-shared-key iphooxi0IChi

crypto ikev2 profile peer3-via-1000
match identity remote any
authentication remote pre-share
authentication local pre-share
keyring local keyring-peer3-via-1000
lifetime 28800

crypto ikev2 keyring keyring-peer3-via-1000
peer peer3
address xxx.xxx.xxx.33
pre-shared-key vahN0if0eegh

Thanks!

P.S. This is my first post.
P.S. Sorry for the English, it is not my native language.