"
First of all, I want to say I really appreciate all the hard work you put into this amazing software. This is my first post here, and I'm sorry that it's a little bit critical.
Currently exploring a lot of features, I'm not new to networking, but new to OPNsense.
I just wanted to provide the feedback that I found the current (not legacy) IPSec configuration to be unintuitive. I tried to set up a route-based tunnel to a Palo Alto Networks firewall for an hour or so, was frustrated with the experience; already started to troubleshoot log files, then decided to try it in the "Tunnel Settings [legacy]" tab (that I also never used before), and the tunnel was up in 5 minutes. I think the documentation and web UI help is really helpful in other parts of OPNSense, but with IPSec tunnels, it didn't help much.
I don't know if others experience similar difficulties initially (or if it's a skill issue ^^), but I'd appreciate if the IPSec options could be made more intuitive to use. I'm sure once I configure a tunnel with the new settings successfully it would be more clear, but the current implementation was difficult to grasp for someone who tried to use it for the first time.
Currently exploring a lot of features, I'm not new to networking, but new to OPNsense.
I just wanted to provide the feedback that I found the current (not legacy) IPSec configuration to be unintuitive. I tried to set up a route-based tunnel to a Palo Alto Networks firewall for an hour or so, was frustrated with the experience; already started to troubleshoot log files, then decided to try it in the "Tunnel Settings [legacy]" tab (that I also never used before), and the tunnel was up in 5 minutes. I think the documentation and web UI help is really helpful in other parts of OPNSense, but with IPSec tunnels, it didn't help much.
I don't know if others experience similar difficulties initially (or if it's a skill issue ^^), but I'd appreciate if the IPSec options could be made more intuitive to use. I'm sure once I configure a tunnel with the new settings successfully it would be more clear, but the current implementation was difficult to grasp for someone who tried to use it for the first time.
