<div dir="auto">I'm still not able to make things work, and don't know what I might be doing wrong. Any pointers would be appreciated.<div dir="auto"><br></div><div dir="auto">Thanks,</div><div dir="auto">Brendan</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Aug 16, 2021, 2:05 PM brendan kearney &lt;<a href="mailto:bpk678@gmail.com">bpk678@gmail.com</a>&gt; wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I have a road warrior config setup, and the tunnel establishes without<br>
issue. The problem I cannot track down is why the client never<br>
receives a reply (properly?). If I ping anything, or send any other<br>
traffic down the tunnel, I can see it on the "server" side. In the<br>
case of pings, I can see the response, but the client does not<br>
register the reply. There are no firewalls in the path or running<br>
locally on either the client or the server. Where can I look for why<br>
traffic is not registering with the client (I believe it's actually<br>
getting to the client)?<br>
<br>
client config:<br>
# Remote Access Connection<br>
conn rac<br>
# Connection Parameters<br>
auto=add<br>
authby=secret<br>
#type=transport<br>
ikev2=insist<br>
ikelifetime=24h<br>
salifetime=1h<br>
rekey=yes<br>
fragmentation=yes<br>
compress=yes<br>
# Dead Peer Detection<br>
dpddelay=30<br>
dpdtimeout=120<br>
dpdaction=clear<br>
# Local Definitions<br>
left=%defaultroute<br>
#leftsubnet=<a href="http://0.0.0.0/0" rel="noreferrer noreferrer" target="_blank">0.0.0.0/0</a><br>
leftid=<a href="http://munin.bpk2.com" rel="noreferrer noreferrer" target="_blank">munin.bpk2.com</a><br>
leftmodecfgclient=yes<br>
# Remote Definitions<br>
right=<a href="http://router-ext.bpk2.com" rel="noreferrer noreferrer" target="_blank">router-ext.bpk2.com</a><br>
rightsubnet=<a href="http://0.0.0.0/0" rel="noreferrer noreferrer" target="_blank">0.0.0.0/0</a><br>
# Pull Configs from Remote<br>
modecfgpull=yes<br>
<br>
server config:<br>
# Remote Access Connection<br>
conn rac<br>
# Configuration Parameters<br>
auto=add<br>
authby=secret<br>
#type=transport<br>
ikelifetime=24h<br>
salifetime=1h<br>
ikev2=insist<br>
rekey=yes<br>
fragmentation=yes<br>
compress=yes<br>
# Dead Peer Detection<br>
dpddelay=30<br>
dpdtimeout=120<br>
dpdaction=clear<br>
# Local Definitions<br>
left=192.168.152.254<br>
leftsubnet=<a href="http://0.0.0.0/0" rel="noreferrer noreferrer" target="_blank">0.0.0.0/0</a><br>
#leftid=<a href="http://ipsec.bpk2.com" rel="noreferrer noreferrer" target="_blank">ipsec.bpk2.com</a><br>
leftid=<a href="http://router-ext.bpk2.com" rel="noreferrer noreferrer" target="_blank">router-ext.bpk2.com</a><br>
# Remote Definitions<br>
right=%any<br>
rightid=%any<br>
#rightsubnet=vhost:%priv,%no<br>
#rightsubnet=<a href="http://0.0.0.0/0" rel="noreferrer noreferrer" target="_blank">0.0.0.0/0</a><br>
rightaddresspool=192.168.152.50-192.168.152.99<br>
# Push Configs to Remote<br>
modecfgdns=192.168.120.254<br>
modecfgdomains=<a href="http://bpk2.com" rel="noreferrer noreferrer" target="_blank">bpk2.com</a><br>
</blockquote></div>