IPsec Problem

There is no need to run one more tunnel, as IPsec is already configured for tunnel mode.

If you have masquerade on those routes, then make sure that you have an accept rule for IPsec traffic.
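
The rule-ordering point in the reply above, as an added example that is not part of the original post: a platform-neutral Python model of a first-match NAT table, assuming source NAT is applied before the IPsec policy is matched. The subnets, WAN address and all function names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class NatRule:
    action: str                 # "accept" (leave packet untouched) or "masquerade"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"

def _in(ip, net):
    return ipaddress.ip_address(ip) in ipaddress.ip_network(net)

def first_nat_action(rules, src_ip, dst_ip):
    """First matching rule wins, as in an ordered NAT chain."""
    for rule in rules:
        if _in(src_ip, rule.src) and _in(dst_ip, rule.dst):
            return rule.action
    return "none"

def is_encrypted(rules, src_ip, dst_ip, policy, wan_ip):
    """True if the packet still matches the tunnel-mode policy after NAT."""
    if first_nat_action(rules, src_ip, dst_ip) == "masquerade":
        src_ip = wan_ip         # masquerade rewrites the source address
    return _in(src_ip, policy["src"]) and _in(dst_ip, policy["dst"])

# Constructed sample values (not from the original post).
LOCAL, REMOTE, WAN_IP = "192.168.10.0/24", "192.168.20.0/24", "203.0.113.5"
POLICY = {"src": LOCAL, "dst": REMOTE}

# Masquerade alone: site-to-site traffic is rewritten and misses the policy.
MASQ_ONLY = [NatRule("masquerade", src=LOCAL)]
# Accept rule for the IPsec subnets placed ahead of masquerade.
ACCEPT_FIRST = [NatRule("accept", src=LOCAL, dst=REMOTE),
                NatRule("masquerade", src=LOCAL)]

if __name__ == "__main__":
    for name, rules in (("masquerade only", MASQ_ONLY), ("accept first", ACCEPT_FIRST)):
        ok = is_encrypted(rules, "192.168.10.20", "192.168.20.30", POLICY, WAN_IP)
        print(f"{name}: site-to-site packet matches IPsec policy = {ok}")
```

With the accept rule first, traffic to other destinations still falls through to masquerade, so ordinary internet access is unchanged.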