I have some issues migrating from policy-based to route-based VPN for an OPNsense S2S VPN (both systems are OPNsense). Actually, the tunnel builds up, including Phase 2. I can see 0.0.0.0/0 as local and remote identifier. After configuring everything according to the documentation (https://docs.opnsense.org/manual/vpnet.html#new-23-1-vpn-ipsec-connections), routing still does not work. Packet captures on the VTI interfaces on both firewalls show nothing. I tried to ping the remote VTI address, but nothing happens. The "Install policy" checkbox was unchecked for sure on both sides.
Just FYI: in the swanctl.conf I did not find anything related to "if_id_in" or "if_id_out". The swanctl doc about VTI says that this is important... (https://docs.strongswan.org/docs/latest/features/routeBasedVpn.html)
What is the best way to troubleshoot this?
Thanks.