Hi guys,

Wonder what's going on here? Is this even a supported configuration at all? I
am trying to configure IPSec over a GRE tunnel by applying a crypto map on a
tunnel interface (to encrypt everything going over the tunnel). See the
configuration below. I noticed on the Wireshark capture that my ISAKMP packets
are being sourced from the physical interface's IP address (183.1.x.x) and
not the tunnel interface IP address (172.26.x.x). Now this is preventing the
tunnel from coming up because the peer is expecting an IPSec packet to come
from the tunnel IP address (configured in the crypto map peer config line).
What am I missing here?

Thanks,

R4#sh run int tun 100
interface Tunnel100
 ip address 172.26.0.1 255.255.255.252
 tunnel source 183.1.46.4
 tunnel destination 183.1.46.6
 crypto map MYMAP
end

R4#sh run | sec crypto
crypto isakmp policy 10
 encr 3des
 hash md5
 authentication pre-share
 group 2
crypto isakmp key CISCO address 172.26.0.2
crypto ipsec transform-set DES_SHA esp-des esp-sha-hmac
crypto ipsec profile IPSEC_PROFILE
 set transform-set DES_SHA
crypto map MYMAP 10 ipsec-isakmp
 set peer 172.26.0.2
 set transform-set DES_SHA
 match address IPSEC
 crypto map MYMAP
R4#

R6#sh run int tun 0
interface Tunnel0
 ip address 172.26.0.2 255.255.255.252
 tunnel source 183.1.46.6
 tunnel destination 183.1.46.4
 crypto map MYMAP
end
R6#

R6#sh run | sec crypto
crypto isakmp policy 10
 encr 3des
 hash md5
 authentication pre-share
 group 2
crypto isakmp key CISCO address 172.26.0.1
crypto ipsec transform-set DES_SHA esp-des esp-sha-hmac
crypto ipsec profile IPSEC_PROFILE
 set transform-set DES_SHA
crypto map MYMAP 10 ipsec-isakmp
 set peer 172.26.0.1
 set transform-set DES_SHA
 match address IPSEC
 crypto map MYMAP
R6#

--
CCIE #19963

Received on Wed Nov 04 2009 - 11:36:12 ART
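
Added example, not part of the original post: an offline check of the symptom described above, comparing the address ISAKMP was seen leaving R4 with against what R6 is configured to accept. The config excerpts are trimmed from the post; `parse` and `check` are hypothetical helper names, and the observed source is assumed to be R4's `tunnel source` address, since the post gives it only as 183.1.x.x.

```python
import ipaddress
import re

# Excerpts constructed from the R4/R6 output in the post (only the lines the check needs).
R4 = """interface Tunnel100
 ip address 172.26.0.1 255.255.255.252
 tunnel source 183.1.46.4
crypto isakmp key CISCO address 172.26.0.2
crypto map MYMAP 10 ipsec-isakmp
 set peer 172.26.0.2
"""
R6 = """interface Tunnel0
 ip address 172.26.0.2 255.255.255.252
 tunnel source 183.1.46.6
crypto isakmp key CISCO address 172.26.0.1
crypto map MYMAP 10 ipsec-isakmp
 set peer 172.26.0.1
"""

def parse(cfg):
    """Extract the addresses that decide IKE peering from an IOS config excerpt."""
    grab = lambda pattern: re.findall(pattern, cfg, re.M)
    ip, mask = grab(r"^\s*ip address (\S+) (\S+)")[0]
    return {
        "tunnel_net": ipaddress.ip_interface(f"{ip}/{mask}").network,
        "tunnel_source": grab(r"^\s*tunnel source (\S+)")[0],
        "key_peers": set(grab(r"^crypto isakmp key \S+ address (\S+)")),
        "map_peers": set(grab(r"^\s*set peer (\S+)")),
    }

def check(local, remote, observed_src):
    """List mismatches for ISAKMP seen leaving `local` with source `observed_src`."""
    findings = []
    for peer in sorted(local["map_peers"]):
        # The peer is addressed through the tunnel's own subnet, not the transport network.
        if ipaddress.ip_address(peer) in local["tunnel_net"]:
            findings.append(f"peer {peer} is inside tunnel subnet {local['tunnel_net']}")
    if observed_src not in remote["key_peers"]:
        findings.append(f"remote has no pre-shared key for {observed_src}")
    if observed_src not in remote["map_peers"]:
        findings.append(f"remote crypto map has no 'set peer {observed_src}'")
    return findings

if __name__ == "__main__":
    r4, r6 = parse(R4), parse(R6)
    for line in check(r4, r6, r4["tunnel_source"]):
        print(line)
```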