If the Proxy-ID is not configured, because the firewall supports route-based VPN, the default values used as Proxy-ID are source ip: 0.0.0.0/0, destination ip: 0.0.0.0/0 and application: any; and when these values are exchanged with the peer, it results in a failure to set up the VPN connection.
To configure a Site to Site VPN between 2 Peers ; one with a Dynamic IP and the other with a static IP a dynamic crypto map is used. However as the static based peer will be unaware of the remote peers IP the VPN can only be initated from the dynamic side. cisco - Can we change peer IP of IPSec VPN tunnel in one Ensuring the new VPN peer(s) have compatible IKE phase I and phase II configurations, reflexive ACLs, tunnel-group configuration for the new peer addresses and a roll-back plan may help with making this change. ASA 8.3 L2L VPN Configuration Reference. Example Output: Virtual Interface IP Addresses for a VPN to a Third-Party Select the VPN Routes tab. In the Interface section, select the Assign virtual interface IP addresses check box. In the Local IP address text box, type the IP address for the local end of the tunnel. This address must be on the same subnet as the IP address configured for this VPN tunnel on the third-party endpoint (the peer). Solved: non-meraki VPN peers - The Meraki Community -- This question is a non-meraki VPN peer, not Meraki auto VPN. Question 3, If source IP and destination IP are specified in "SD-WAN & traffic shaping" Flow preferences> Internet traffic, will it take precedence over non-meraki VPN peers sett - No, the Meraki will only form a VPN to a non-Meraki VPN peer on the chosen primary uplink
VPN Tunnel Down Between Palo Alto Networks Firewall Static
Configure BOVPN Virtual Interface IP Addresses In the Peer IP address text box, type the IP address to use for the remote end of the tunnel. This address must match the Local IP address for this BOVPN virtual interface on the peer Firebox. When you configure dynamic routing for a BOVPN virtual interface, use the virtual interface IP addresses rather than the device name. IPsec Management Configuration Guide - IP Security VPN
The Peer IP address must match the Local IP address configured on the Firebox at the other end of the tunnel. If it is a netmask, it must match the netmask configured on the third-party endpoint at the other end of the tunnel. You configure these settings differently for a BOVPN between a Firebox and a third-party VPN peer.
Jun 26, 2020 Peer IP Address ??? - Networking