While reading the log today I found out that an existing IPSec tunnel gives this error “no policy found/generated” (photo attached).
In the IPSec policy section, I can see Phase 2 with established status. I can also reach the other side of the tunnel.
Any idea what this can be?
It appears that the remote peer asks for another policy in addition to the existing one. So everything works via the policy you actually need, but the peer keeps trying to establish another one that is configured at its end but not at yours.
The log should confirm this - you’ve only shown the lines describing that /29 <=> /29 traffic selector but the lines before should tell you that the request for such a policy has arrived from the peer.