Hello, I’m trying to debug my IPSec problem. I don’t have control of the router on the other side (Cisco ASA5540), so I don’t have all the information about what is going on on the other side…
I configured IPSec properly: the source and destination subnets are not srcnated (accept rule in NAT…). The IPSec policies have PH2 state established and the SA counters are growing, but the guy on the other side is saying that he has no traffic in the tunnel from my testing machine…
One wild guess is this: I have a policy, e.g. 10.10.10.0/24 → 192.168.0.0/23, which is established. I also have two disabled policies: 10.10.10.0/24 → 192.168.0.0/24 and 10.10.10.0/24 → 192.168.1.0/24.
So the question is: could those disabled policies in some way have an influence on the traffic flow… I can’t test this, because I would have to shut down the machine where the tunnel currently is…