Hi
I have a route VPN that was working until recently. Now it shows as up and ok, but the traffic just seems to get nowhere. When I try to ping a node on the other side I get this output:
ipid = 5034(13aa), @0326d4b4
packet passed sanity check.
ethernet0/0.3:192.168.3.10/36289->10.0.0.1/768,1(8/0)<Root>
no session found
flow_first_sanity_check: in <ethernet0/0.3>, out <N/A>
[ Dest] 5.route 192.168.3.10->0.0.0.0, to ethernet0/0.3
chose interface ethernet0/0.3 as incoming nat if.
flow_first_routing: in <ethernet0/0.3>, out <N/A>
search route to (ethernet0/0.3, 192.168.3.10->10.0.0.1) in vr trust-vr for vsd-0/flag-0/ifp-null
[ Dest] 30.route 10.0.0.1->10.0.0.1, to tunnel.3
routed (x_dst_ip 10.0.0.1) from ethernet0/0.3 (ethernet0/0.3 in 0) to tunnel.3
policy search from zone 105-> zone 1
policy_flow_search policy search nat_crt from zone 105-> zone 1
RPC Mapping Table search returned 0 matched service(s) for (vsys Root, ip 10.0.0.1, port 48282, proto 1)
No SW RPC rule match, search HW rule
Permitted by policy 114
dip id = 6, 192.168.3.10/36289->172.16.200.101/3051
packet dropped, no way(tunnel) out
So it seems to be permitted by policy, it seems to know to route it to tunnel.3, the VPN seems up:
00000004< 156.23.19.210 500 esp:a256/sha1 7dda7617 9731 403M A/U -1 0
00000004> 156.23.19.210 500 esp:a256/sha1 8765d673 9731 403M A/U -1 0
I can't see the lines of really choosing the interface for paket out, NAT translated packetand so on. So what does this mean. Is this a problem in my configuration or can that be something on remote side. Unfortunatly I don't have an insight to the other side's status..
Thanks
Jure