Hi Gokul,
Thanks for the clairification. I've checked the drop down and found there are few with "nopfs." Since I'm already using G2 in the proposal, which means PFS is included/enabled.
Regarding the Proxy IDs - Yes there are too many subnets on both ends that need to be allowed . I tried confugring the 0.0.0.0/0 for the remote IP, but it made the sa assocation inactive. I checked with the other end and they aren't configuring any proxy IDs.
Also adding individual proxy IDs will add another association in SA ? Because i tried to add and later removed and a new pair of sa association got added and it shows up as expired.
Thanks Vikas and Gokul for all the clarification and help.
Best Regards,
Ishaik