So I used only the peers - peer configs and ran ipsectl -sa and was able to get SADs and flows. However, when I try to ping an IP behind that subnet over the VPN, I get a "TTL expired in transit". Doing a trace shows a loop halfway along the path, hence the TTL expiry.