BoVPN issue - no route
Hi
I have a BoVPN tunnel between two fireboxes up and running. Interface 1 on the remote firebox has Ip 192.168.71.100. I am trying to ping it from 192.168.21.199 and do not hear back.
The route is 192.168.21.0 - 192.168.71.0 bidirectional. I also have a BoVPN allow policy from the tunnel to any. Below is what I get from BoVPN debug. Why does it say I do not have a policy?
thanks
A possible problem was detected in the internal security policies for tunnel KZ.A correction to this error was attempted.
Recommendation: Send traffic to a host on the remote network, and run the report again.
Tunnel Name: MM
tunnel route#1(192.168.21.0/24<->192.168.71.0/24) - Established
Incoming traffic was NOT detected for this tunnel after the diagnostic report started.
Outgoing traffic was NOT detected for this tunnel after the diagnostic report started.
The outgoing traffic for tunnel route (192.168.21.0/24<->192.168.71.0/24) is denied by firewall policy (No route).
Recommendation: Check your firewall policy configuration.
The incoming traffic for tunnel route (192.168.71.0/24<->192.168.21.0/24) is denied by firewall policy (Inconclusive).
Recommendation: Check your firewall policy configuration.
Comments
Any denies in your firewall logs when this ping is tried?
Often I and others have seen that the BOVPN diagnostic report is not fully correct.
(Inconclusive) means that the diagnostic report isn't sure.
Given your BOVPN setup stated above,
"The outgoing traffic for tunnel route (192.168.21.0/24<->192.168.71.0/24) is denied by firewall policy (No route)" seem incorrect