Cisco Cisco IOS Software Releases 12.2 MC Libro bianco

Does not support failover of IKECFG attributes.

Does not support IKE XAUTH states.

Supports just a single VAM/VAM2 card in each active/standby router.

Requires identical security policy configurations on both active and standby routers.

Requires that IKE keepalives must not be used; enabling this feature will cause the connection to be 
torn down after the standby router assumes ownership control.

Supports keepalives only with dead peer detection (DPD).

Requires that priority values are equal on both active and standby routers for IP redundancy. 

IPSec MIB statistics could be erroneous on the standby router after a failover.

Requires that active and standby routers be connected to an Ethernet interface.

Does not support Cisco VPN Client 3.X client.

Does not support PKI certificates.

Internet Key Exchange (IKE)

IP Security (IPSec)

Reverse Route Injection (RRI)

Hot Standby Router Protocol (HSRP) 

State Synchronization Protocol (SSP) 

Cisco 7200 series