"CHINNA N.R. PELLACURU" wrote: > Is this acceptable, or should we enforce that ID and the IP address used > should be equal? I would say yes in the case when ID Payload contains IP Address type. But we should also allow to have ID Payload to contain FQDN type (and other non-IP IDs) and is use it to select the Policy entry.