@lfoerster said in Possible IPSec routing issue:
So its more intelligent to place the static route NOT on 10.10.0.251 here, but on the default gateway both .251 and .2 devices (and probably all in the 10.10.0.0 segment) have configured.
Of course you were correct. I put a static route in the default GW on our side and it started to work immediately.
I do have to admit it gets me a little confused though, since I've been using static routes on clients before. And, while it says it's a headache when administering multiple clients (which we don't), this article says it should work:
https://docs.netgate.com/pfsense/en/latest/book/ipsec/site-to-site.html
Anyway, thanks a million!