We have an existing community with a tunnel to Palo Alto A with subnet 10.16.0.0/15 behind it.
We need to create a new tunnel in a different community to a Palo Alto B with a subnet of 10.16.100.0/24.
The tunnel to tunnel B is not even initiating IKE, all the traffic is going to the existing tunnel to Palo Alto A.
I know that the proper subset (as called by Checkpoint) is not supported in general, but is it not clear which side the proper subset is referred to.
The only option I see is a route-based VPN for the new tunnel. But I thought I will ask here before if there is something different to try.
SMS and gateway os R81.10