Reachable network dependent on Phase 2 ordering
-
I have a mobile IPSec solution which was working fine on 2.2.3, which now exhibits very peculiar behaviour.
It is connected to three internal subnets:
192.168.900.0/24 == (10.601.1.0/25,10.602.1.0/24 and 10.603.1.0/24) [ networks edited for privacy reasons ]
I can connect to the phase 1 connection properly without issues. But I can only reach the network that is "highest" in the GUI. If 10.601.1.0 is highest, I can reach that one; if 10.602.1.0 is highest, I can reach that one.
I have not seen this behaviour before upgrading to 2.3.
-
If you are going to edit private network numbers, which I don't see the point of, don't use impossible numbers.
-
I have a setup to reach 2 separate networks, and it works fine, I can reach the second one in the list.
What do you see in the status -> ipsec page when the tunnel is established?
-
The raw output of 'ipsec statusall' would be helpful.