This section describes the restrictions associated with this feature.
XAUTH ( 2-factor authentication ) is not supported.
Domain of Interpretation is not supported other than for IPsec.
NAT Traversal is not supported.
Custom IKE messages and vendor ID for the messages are not supported.
IKE fragmentation is not supported.
IKE and IPsec are not supported on the Segmented Management Instance interfaces, or with management applications such as RADIUS and TACACS+. You can configure RADIUS security with RADsec on supported devices.