when I enable hw crypto one of my tunnels does not work (I am quite sure it's a Cisco on the other side).

After disabling hw crypto and a reboot the same tunnel config works. Tested again right now.

After loading my old config, my IPsec remote clients aren’t working either....

So I needed to go back to 2.4.5.... so I threw in the USB with the image I got from Netgate and it erased the flash and then booted and said “unsupported system, no serial number”....🤬
This is a real deal SG1100!!!!
So now I’ve got a brick....

Lots of issues indeed :-(
I will play with it for another day or two, but then I'll need to revert back to code that I know works...

If anybody needs any logs, testing, etc. to troubleshoot this issue please let me know.

Sadly, there seems to be something very wrong with strongswan/IPSec in 21.02, from invalid values(rekey time breaks if 0 is in field, should be blank), mismatched tunnel IDs(the above patch addresses this), widget problems, reports of secrets getting mangled, P2 that are no longer transmitting data.

1 - On the IPSec status screen I see a Child SA entry (I'm assuming P2?) under the main IPSec entry (P1?) - This Child SA entry has my local and remote subnets as defined in my P2 config. The stats show that there are packets out, but no packets in.

2 - On this same screen, under the above entries, I see another entry with the same configuration (I only have one VPN configured) that says it's Disconnected. I've clicked the Connect button numerous times and nothing changes.

I don't see anything that stands out in the logs as an obvious issue - It's almost like the routing is not correct. Should I be seeing an entry in netstat -r for my remote network? (I'm not).

Definitely something strange going on with IPSec in this release.