Multiple encrypted ends in a IPSEC Tunnel not reachable at same time

We have an IPSEC tunnel with two encrypted end on counter part (xxx.xxx.240.16 and xxx.xxx.240.17). Both shows PH2 state as established. But to reach xxx.xxx.240.16 I’ve to disable xxx.xxx.240.17 policy, but xxx.xxx.240.17 is reachable with xxx.xxx.240.16 policy active. What i’m missing here?

mtkcfg.txt (4.26 KB)

A quick shot - change the level parameter of both policies to unique and try again.

That solved the problem.
Thank you very much.