Hi,
> children {
> net {
> local_ts = 172.28.10.0/24
>
> if_id_out = 42
> if_id_in = 42
> }
> }
> ...
> charon-systemd[134046]: traffic selectors 5.2.2.2.2/32 ===
> 192.168.0.2/32 unacceptableYou haven't specified a remote traffic selector, so it defaults to the public remote IP address. Since the responder apparently used its private IP as traffic selector that won't match. You'll probably want to configure the remote traffic selector explicitly (remote_ts). Regards, Tobias
