Site-to-site IPSec - routing issue

Hello community,

I’ve upgraded the firewall from 1.1.7 to 1.2.0 version and we faced an issue where all the ipsec site-to-site vpn didn’t work correctly
The issue is that strongswan doesn’t inject the remote prefix in the routing table
I workaround the issue by creating a static routes and it works fine

Can someone explain me why the routes are not injected correctly ?


Hello @ZADM, can you check table 220?
sudo ip route show table 220
And provide please config for reproducing this
show configuration commands | match vpn

Hi, @ZADM!

Provide, please, the full VPN configuration (you can mask addresses and keys) to we can reproduce issue.