Customer Service Center

Environment/Versions Avalanche: All versions IPSEC- site to site Answer Do not assign any default gateway in client subnet, don't use any virtual routers. If you enable virtual routing on the port, IPSec will not send ESP packets across tunnels. Client Subnet: IP Address range- 111.1.1.1-111.1.1.254 Local Gateway- 172.17.42.90 Remote Gateway- 172.17.30.30 Static Route- 172.17.30.30/32 nexthop 172.17.42.1 Server Subnet: Network- 112.1.1.0 Local Gateway- 172.17.30.30 Remote Gateway- 172.17.42.90 Static Route- 172.17.42.90/32 nexthop 172.17.30.1   Attachments Attachment IPSEC_DUT.spf