I opened a case today but would love to bounce this off the community. I have a 601f (7.0.11) that is the hub of my network. It currently has several site to site tunnels to my offices and I am adding a dial up hub for my stores. When the spoke builds phase 2 the hub stops being able to pass traffic across any site to site tunnel. The bizarre piece is that the tunnels show up and events aren't generated showing the tunnels dropping. I can't even ping across them on the directly connected IP. There is nothing weird in the routing table either. As soon as I disable the dial up tunnel on the spoke side connectivity restores on all of my site to site tunnels. Is there some kind of limitation where you can't have site to site and dial up tunnels on the same firewall?