OPNsense Forum » English Forums » 24.1 Legacy Series » IPSEC - Some issues and no block Incoming ESP traffic
Topic: IPSEC - Some issues and no block Incoming ESP traffic (Read 299 times)
smema79 (Newbie, Posts: 29, Karma: 0)
IPSEC - Some issues and no block Incoming ESP traffic
« on: April 23, 2024, 08:10:11 pm »
Good morning to all.
I am running some tests to migrate my IPsec tunnels from Legacy to 'Connection' and have encountered some anomalous behaviour.
The first concerns the "Disable all auto-added VPN rules" option in the "Advanced" section (IPsec area) which, if not selected, does not automatically generate the entries in the WAN firewall rules for the different IPsec protocols. If I create a Legacy IPsec session, these are created correctly.
The second problem, which I do not understand, is precisely why I keep receiving incoming calls from a remote peer if:
- there are no inbound rules on the WAN to allow this
- there is a general drop (IPv4 any) at the end of the WAN rules with logging option mode active and "first match"
- there do not appear to be any auto-generated rules, for precisely the reason given in the first point. The same goes for 'floating rules'.
Yet in the IPsec log I keep seeing:
2024-04-23T20:06:12 Informational charon 09[NET] <172> received packet: from x.x.x.190[500] to x.x.x.148[500] (240 bytes)
Could someone help me understand how this happens?
Thanks
« Last Edit: April 23, 2024, 08:53:57 pm by smema79 »
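The charon line quoted in the post is emitted by strongSwan when a datagram has already been handed to the daemon by the UDP socket, so each "received packet" entry is evidence that the packet traversed the firewall rather than being dropped. A quick way to see which remote addresses are actually reaching the IKE ports (500 and 4500) on the WAN address, so the list can be compared against the loaded rule set, is to parse those lines. The script below is an added example written for this thread; it is not OPNsense or strongSwan code. The sample log lines are constructed in the same format as the one quoted above, using RFC 5737 documentation addresses in place of the poster's x.x.x addresses.

```python
import re

# Constructed sample of charon log output. The first line mirrors the format
# quoted in the post; the others add an outbound packet, a NAT-T (4500) packet,
# and a second, unknown peer so the summary has something to distinguish.
SAMPLE_LOG = """\
2024-04-23T20:06:12 Informational charon 09[NET] <172> received packet: from 203.0.113.190[500] to 198.51.100.148[500] (240 bytes)
2024-04-23T20:06:13 Informational charon 09[NET] <172> sending packet: from 198.51.100.148[500] to 203.0.113.190[500] (36 bytes)
2024-04-23T20:06:30 Informational charon 11[NET] <173> received packet: from 203.0.113.190[4500] to 198.51.100.148[4500] (312 bytes)
2024-04-23T20:07:01 Informational charon 05[NET] <174> received packet: from 192.0.2.7[500] to 198.51.100.148[500] (240 bytes)
2024-04-23T20:07:05 Informational charon 05[IKE] <174> no IKE config found for 198.51.100.148...192.0.2.7, sending NO_PROPOSAL_CHOSEN
"""

# Only inbound "received packet" lines from the NET subsystem are of interest;
# "sending packet" and IKE-state lines are deliberately left unmatched.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) \S+ charon \d+\[(?P<subsys>[A-Z]+)\] <(?P<sa>\d+)> "
    r"received packet: from (?P<src>[0-9a-fA-F.:]+)\[(?P<sport>\d+)\] "
    r"to (?P<dst>[0-9a-fA-F.:]+)\[(?P<dport>\d+)\] \((?P<bytes>\d+) bytes\)$"
)


def parse_received(log_text):
    """Return one record per inbound IKE datagram found in the charon log."""
    records = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        records.append({
            "ts": m.group("ts"),
            "ike_sa": int(m.group("sa")),
            "src": m.group("src"),
            "sport": int(m.group("sport")),
            "dst": m.group("dst"),
            "dport": int(m.group("dport")),
            "bytes": int(m.group("bytes")),
        })
    return records


def inbound_peers(records):
    """Aggregate (source address, local port) -> (packet count, total bytes).

    Every key in this map is a remote host whose UDP traffic reached charon on
    the given port, i.e. traffic the WAN rule set did not stop.
    """
    summary = {}
    for r in records:
        key = (r["src"], r["dport"])
        count, total = summary.get(key, (0, 0))
        summary[key] = (count + 1, total + r["bytes"])
    return summary


if __name__ == "__main__":
    recs = parse_received(SAMPLE_LOG)
    for (src, dport), (count, total) in sorted(inbound_peers(recs).items()):
        print(f"{src:>15}  udp/{dport:<5} packets={count:<3} bytes={total}")
```

Run it against the real log (for example by piping the output of the IPsec log view into `parse_received`) and every address that appears in the summary is one the firewall let through to port 500 or 4500; that list is the thing to reconcile with the rules shown by `pfctl -sr` on the box, since a rule that is not in the loaded set cannot be the one passing the traffic.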