Good morning (o;
First of all...I'm pretty new to SRX devices....
I've set up a site-to-site policy-based VPN with the help of the online configuration tool, and from what I can tell the VPN is up and passed phase 1 and 2:
root> show security ipsec security-associations
Total active tunnels: 1
ID Algorithm SPI Life:sec/kb Mon lsys Port Gateway
<2 ESP:aes-cbc-128/sha1 9ad983c5 2287/ unlim - root 500 X.X.53.70
>2 ESP:aes-cbc-128/sha1 10c464e3 2287/ unlim - root 500 X.X.53.70
<2 ESP:3des/sha1 b768d72 2288/ unlim - root 500 X.X.53.70
>2 ESP:3des/sha1 d470e603 2288/ unlim - root 500 X.X.53.70
But somehow the policies don't work correctly as I can't establish any traffic between the 10/16 and 192.168.178/24 subnets.
Trying to access a website on the remote end I see this flow session entry:
Session ID: 2580, Policy name: vpnpolicy-trust-untrust-lengnau/5, Timeout: 8, Valid
In: 10.0.100.2/49184 --> 192.168.178.20/80;tcp, If: ge-0/0/1.0, Pkts: 3, Bytes: 180
Out: 192.168.178.20/80 --> Y.Y.90.159/21771;tcp, If: ge-0/0/0.0, Pkts: 0, Bytes: 0
How do I interpret these two lines correctly?
First line makes sense to me, and 3 packets are sent...but the second line doesn't make any sense to me...
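
Added example (not part of the original post): a small parser for the two wing lines of a Junos flow session entry like the one quoted above. It treats the Out line as the reverse direction the device expects for replies, so a destination there that differs from the In source means the source address and port were translated, and Pkts: 0 on that line means no reply has been seen. The function names are hypothetical; the sample is the post's own two lines with the addresses masked as posted.

```python
import re

# Constructed sample: the two wing lines from the post, masked as posted.
SAMPLE = """\
In: 10.0.100.2/49184 --> 192.168.178.20/80;tcp, If: ge-0/0/1.0, Pkts: 3, Bytes: 180
Out: 192.168.178.20/80 --> Y.Y.90.159/21771;tcp, If: ge-0/0/0.0, Pkts: 0, Bytes: 0
"""

# One wing: direction, src/port --> dst/port;proto, interface, counters.
WING = re.compile(
    r"^\s*(?P<dir>In|Out):\s+(?P<src>[^/\s]+)/(?P<sport>\d+)\s+-->\s+"
    r"(?P<dst>[^/\s]+)/(?P<dport>\d+);(?P<proto>\w+),\s+If:\s+(?P<ifc>[^,\s]+),\s+"
    r"Pkts:\s+(?P<pkts>\d+),\s+Bytes:\s+(?P<bytes>\d+)",
    re.M,
)


def parse_wings(text):
    """Return {'In': {...}, 'Out': {...}} for one session entry."""
    wings = {}
    for m in WING.finditer(text):
        w = m.groupdict()
        for key in ("sport", "dport", "pkts", "bytes"):
            w[key] = int(w[key])
        wings[w.pop("dir")] = w
    if set(wings) != {"In", "Out"}:
        raise ValueError("expected exactly one In and one Out wing")
    return wings


def analyse(text):
    """Compare the forward wing with the mirrored reverse wing."""
    wings = parse_wings(text)
    fwd, rev = wings["In"], wings["Out"]
    return {
        # Replies are expected at rev dst; if that is not the original
        # client address/port, the source was translated on the way out.
        "source_translated": (fwd["src"], fwd["sport"]) != (rev["dst"], rev["dport"]),
        "dest_translated": (fwd["dst"], fwd["dport"]) != (rev["src"], rev["sport"]),
        "reply_expected_at": f'{rev["dst"]}/{rev["dport"]}',
        "egress_interface": rev["ifc"],
        # Packets left the client but nothing has come back on this session.
        "one_way": fwd["pkts"] > 0 and rev["pkts"] == 0,
    }


if __name__ == "__main__":
    for key, value in analyse(SAMPLE).items():
        print(f"{key}: {value}")
```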