Can someone shed some light on something for me please?
I have a VPN to a 3rd party. It's working in one direction (them to me). I need to send traffic in the other direction too (me to them) but that isn't working. Zdebug shows my traffic dropping on the rule number that should allow it.
So for now I have a query, looking at the info in the following IKEView screenshot.
172.16.1.0 (255.255.255.0) is THEM
10.200.0.0 (255.248.0.0) and 192.168.207.19 is ME.
Is the order of the subnets shown in IKEView significant? I.e. it always shows the 172.16.1.0/24 subnet first (them), then my subnet. Does that mean that the tunnel is only up in the direction of them to me? In order for me to send to them, should I be seeing another Phase 2 where my subnet is first, then theirs?
I'm trying to send to them from a different subnet, and I don't see any Phase 2 for my source subnet. Tracker shows it encrypting with no rule number. Zdebug shows it dropped.
Could this point to the remote side not allowing my source subnet in that direction?