We're trying to establish ikev2 ipsec tunnel between RUT240 (RUT2XX_R_00.01.12) and OpenBSD's iked. We've successfully deployed such tunnels using RUT950 and RUT900. Configuration on local (OpenBSD) side is identical to configurations for working tunnels, the only change is using SHA-256 for RUT240, as it seems to don't support SHA-512. Configuration on RUT240 side is also identical to RUT950/900 configurations, but lacks passthrough section in /etc/ipsec.conf
Ipsec tunnel seems to be correctly established at RUT240 startup, but as soon at is established it is closed by RUT240. Another attempt (done automatically by RUT240) establishes tunnel, but the error is visible in logs:
Mon Apr 6 18:17:35 2020 daemon.info ipsec: 08[KNL] received netlink error: Network is unreachable (128)
Mon Apr 6 18:17:35 2020 daemon.info ipsec: 08[KNL] unable to install source route for <rut_240_local_lan_ip>
Tunnel is in ESTABLISHED state on both sides of the connection, but we cannot ping anything on our side from RUT, and cannot ping RUT from our local subnet.
I'll gladly support you with logs from RUT and OpenBSD in private message, please contact me under my e-mail address.