Hi All,
I have a star-shaped network with satellites connecting to the core with IPSec connections.
I I need to use Tunnel Isolation, otherwise traffic gets routed through the tunnel that I don't want there.
I have the following weird behavior: whenever I add a new satellite site (IE add a new phase2 plus corresponding phase2 entries at the core), and press 'Apply' then the existing satellites cannot initiate connections any more.
if i say: ipsec up conx-y at the satellite, I get a TS_UNACCEPTABLE error
if i say: ipsec up conx-y at the core it establishes fine.
However, after i do a 'ipsec restart' at the satellite, the satellite can initiate again.
Any idea what I can do in order to find out what's going on here?
Thanks a lot,
Frank