ok. here is a proper update for you all, should anyone knows what a heck I'm doing wrong (*wink*) - do let me know
obviously I was following IN DETAIL sk86582 but,:
exec ping 10.10.10.1 (from Fortigate CLI on 10.10.10.4)
5 packets transmitted, 0 packets received, 100% packet loss
whilst on zdebug on CP Cluster:
;[cpu_1];[fw4_0];fw_log_drop_ex: Packet proto=1 10.10.10.4:2048 -> 10.10.10.1:5649 dropped by vpn_drop_and_log Reason: Clear text packet should be encrypted;
when $FWDIR/lib/crypt.def (on SMS + successfuly pushed is like following:
with following in a proper place as well:
((src in vpn_exclude_src1) and (dst in vpn_exclude_dst1)) and ((src in vpn_exclude_src2) and (dst in vpn_exclude_dst2)) and ((src in vpn_exclude_src3) and (dst in vpn_exclude_dst3))
ps. all in right space, spot and policy installed - just simply DOES NOT WORK and I cannot ping whatever direction I'll take based on the exclude_objects from above.
any clue chaps ?