Hi Makarand, > All the same, the packets are not pushed into the tunnel: > > ping 192.168.9.3 -I 10.10.9.4 > PING 192.168.9.3 (192.168.9.3) from 10.10.9.4 : 56(84) bytes of data. > ping: sendmsg: Network is unreachable > ping: sendmsg: Network is unreachable > > The ip xfrm policy seems to be correct: > src 192.168.9.0/24 dst 10.10.9.0/24 proto icmp > dir fwd priority 375167 ptype main > tmpl src 172.16.31.1 dst 172.16.31.2 > proto esp reqid 1 mode tunnel > > Would highly appreciate if anyone can point the error in my configuration?
No routes are installed in table 220 for policies with port/protocol restrictions. So make sure you have routes installed that allow to reach the remote networks. Regards, Tobias
