said by Lea Massiot:
I have another question: in the past I set up a PPP over SSH tunnel between two Unix machines, I could, start stop, restart the tunnel whenever I wanted. Can I do the same with an IPSec tunnel between two Cisco routers? In particular, I wish I could start the tunnel on demand and not have it active all the time... is it possible and how?
Unless you put some restricting ACL, your ACL 101 permits all IP protocol traffic to pass through the IPSec VPN tunnel. Therefore you should be able to do anything you need in regards of IP traffic.