I found an document on the cisco web that describes how to do this. It looks pretty much ok, but I have one question: Q: By applying the crypto map on the outside interface, does this prevent other traffic (acl's) from going out on the outside interface and not in the IPSEC tunnel and to a different address/network?
Geir