IPsec tunnel up - cannot ping from lan but from cli is pinging

I’m a little confused by the RUTX behavior when the IPsec tunnel is up.
Using RUTX11 fw:RUTX_R_00.07.06.1
against Cisco

The IPsec connection is done OK:
Security Associations (1 up, 0 connecting):
rep1-rep1_c[1]: ESTABLISHED 14 minutes ago, 62.141.xx.xx[62.141.xx.xx…81.91.xx.xx[81.91.xx.xx]
rep1-rep1_c{1}: INSTALLED, TUNNEL, reqid 1, ESP SPIs: c6856a81_i 73541203_o
rep1-rep1_c{1}: ===
rep1-rep1_c_1{2}: INSTALLED, TUNNEL, reqid 2, ESP SPIs: c5eef07f_i 0ba1c5a0_o
rep1-rep1_c_1{2}: ===

Now I can ping hosts in, networks but only from the router CLI.

My LAN IP is and after the tunnel is up, my PC lost connection to the router altogether
(no DHCP, no ping).
When the tunnel is down, the PC to router connection is working again.

I’m missing some policy-based routing, can you help me?


I believe the issue in this case is the overlap of LAN and networks behind IPsec, since covers hosts from to It is surprising that you’re not able to reach the RUTX11, as it has a more specific route to its LAN, but either way, I’d suggest removing from the remote networks in the IPsec configuration (or changing your LAN subnet) and checking if the issue is still present.

Best regards,
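
A check for the overlap described in the reply above, as an added example that is not part of the original thread: it compares the router's LAN with each remote network configured for the tunnel and, where a remote network covers the LAN, lists the subnets that remain once the LAN is carved out. The addresses are constructed (the thread's own values were not preserved) and `check_selectors` is a hypothetical helper name.

```python
import ipaddress


def check_selectors(lan, remote_selectors):
    """Compare the local LAN with each remote IPsec network.

    Returns (remote, status, replacement) tuples. status is 'ok',
    'covers-lan' or 'inside-lan'; replacement is the list of subnets that
    still cover the remote network without including the LAN.
    """
    lan_net = ipaddress.ip_network(lan, strict=False)  # accepts 192.168.1.1/24
    results = []
    for sel in remote_selectors:
        remote = ipaddress.ip_network(sel, strict=False)
        if remote.version != lan_net.version or not remote.overlaps(lan_net):
            # No shared addresses: the selector can stay as configured.
            results.append((str(remote), "ok", [str(remote)]))
        elif remote.subnet_of(lan_net):
            # Remote network is equal to or inside the LAN: nothing can be
            # kept, one side has to be renumbered.
            results.append((str(remote), "inside-lan", []))
        else:
            # Remote network is a supernet of the LAN: remove the LAN from it.
            kept = sorted(remote.address_exclude(lan_net))
            results.append((str(remote), "covers-lan", [str(n) for n in kept]))
    return results


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    lan = "192.168.1.1/24"
    remotes = ["192.168.0.0/22", "10.20.0.0/16"]
    for remote, status, replacement in check_selectors(lan, remotes):
        print(f"{remote:18} {status:11} use instead: {', '.join(replacement) or '-'}")
```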

Thank you.
Overlapping subnets is the problem.
