IPSec Full Tunnel RUTC50

Hello,

I have problems setting up an IPSec Full Tunnel to a Palo Alto in the company.

Only a Printer (Ethernet) and a Notebook (WiFi) are connected to the RUTC50.

The RUTC50 communicates only over 5G to the Internet.

FW is RUTC_R_00.07.23.1

Dyndns is also set up.

If I deactivate the Tunnel, the Notebook can open pages like google.de or whatever.

I set up the Tunnel with mostly default values, and I activated the “Default route” button. In “Advanced settings” all values are empty.

When I activate the Tunnel, the Notebook reaches nothing. No websites, but also no ping to the “Company” network.

When I deactivate the “Default route” and I enter the Local subnet “172.27.130.0/28” and Remote subnet “172.27.1.0/24” the Tunnel works very well. But I don’t have a Full Tunnel.

What can I do?

Thanks in advance!

Problem solved!

“Default route” must be deactivated. Local subnet “172.27.130.0/28”, Remote subnet “0.0.0.0/0” and under “Advanced settings → Remote passthrough subnets: 172.27.130.0/28”.

I tried this setting several times, but without this “Remote passthrough” the Router is not accessible over LAN. But that is, of course, entirely logical. The only thing I couldn’t find was where to configure the exception. Unfortunately, this isn’t obvious in the wiki.

If you activate Default route with the passthrough setting, it has the same error. Nothing is reachable.
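The selector behaviour behind the fix in this thread, as an added example that is not part of the original posts and is not RutOS or strongSwan code: a simplified Python model of IPsec policy lookup using the subnets quoted above. The router and Notebook addresses, the company host 172.27.1.10, and the rule that the most specific selector wins are assumptions made for illustration.

```python
# Added illustration: a simplified model of IPsec policy lookup.
# It is not how any particular IPsec stack is implemented.
from ipaddress import ip_address, ip_network

LAN = ip_network("172.27.130.0/28")       # local subnet from the thread
COMPANY = ip_network("172.27.1.0/24")     # remote subnet of the split tunnel
ANY = ip_network("0.0.0.0/0")             # remote subnet of the full tunnel
ROUTER = "172.27.130.1"                   # assumed router LAN address
NOTEBOOK = "172.27.130.5"                 # assumed client address
COMPANY_HOST = "172.27.1.10"              # assumed host in the company network


def policy(action, src, dst):
    """One policy: 'tunnel' encrypts matching traffic, 'pass' exempts it."""
    return {"action": action, "src": src, "dst": dst}


def lookup(policies, src, dst):
    """Action of the most specific matching policy, or 'plain' if none match."""
    s, d = ip_address(src), ip_address(dst)
    hits = [p for p in policies if s in p["src"] and d in p["dst"]]
    if not hits:
        return "plain"  # no IPsec policy applies, normal routing
    # Assumption: longer prefixes (more specific selectors) take precedence.
    best = max(hits, key=lambda p: p["src"].prefixlen + p["dst"].prefixlen)
    return best["action"]


# The three configurations described in the thread.
SPLIT = [policy("tunnel", LAN, COMPANY)]
FULL_NO_PASS = [policy("tunnel", LAN, ANY)]
FULL_WITH_PASS = FULL_NO_PASS + [policy("pass", LAN, LAN)]


def report(policies):
    """How traffic from the Notebook, and the router's reply, is treated."""
    return {
        "to_router": lookup(policies, NOTEBOOK, ROUTER),
        "router_reply": lookup(policies, ROUTER, NOTEBOOK),
        "to_company": lookup(policies, NOTEBOOK, COMPANY_HOST),
        "to_internet": lookup(policies, NOTEBOOK, "8.8.8.8"),
    }


if __name__ == "__main__":
    for name, pols in (("split", SPLIT), ("full, no passthrough", FULL_NO_PASS),
                       ("full, with passthrough", FULL_WITH_PASS)):
        print(name, report(pols))
```

With the remote subnet 0.0.0.0/0 and no exception, LAN-to-LAN traffic also matches the tunnel selector, which is why the router stops answering on its own LAN until the passthrough subnet is added.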