I have configured an IPSec VPN from a RUT240 to a Juniper vSRX. The tunnel goes up, but traffic does not pass. The tunnel is route-based, if it matters. I noticed that this is related to the remote subnet configuration in the RUT240 settings.
- If I define only one remote subnet in RUT240, VPN works
- If I define two or more remote subnets in RUT240, VPN does not work
I looked into /etc/config/ipsec.
The GUI creates multiple remote_subnet entries:
list remote_subnet '192.168.45.0/24'
list remote_subnet '192.168.46.0/24'
But then the strongSwan documentation suggests that remote networks should be a comma-separated list. So I edited the ipsec file to have the networks listed in one line:
list remote_subnet '192.168.45.0/24, 192.168.46.0/24'
Then from the GUI I disabled and enabled the VPN (since I am not sure how to restart the process from the CLI), and now the VPN works with multiple networks. But now I cannot edit the IPSec tunnel settings in the GUI; it says that the configuration is invalid.
The firmware in the RUT240 is "RUT2_R_00.07.02.7".