VPN tunnel established but traffic is not being passed between local and remote network

Hey guys,

So I’m having some issues passing traffic through a site to site VPN tunnel established between PFSense and palo alto.

Phase 1 and Phase 2 entries look correct, Tunnel itself is established however I can’t ping the gateway on the other side and none of the devices on the remote network seem to be connecting to the server in our LAN.

I have a feeling that the issue might either be my firewall rules for IPSec or the static route I created for the traffic to pass through.

Host on local network:

Devices on remote network:

I’ve place an any any rule on the IPSec interface temporarily for troubleshooting.

Does anyone see anything obvious here that I’m missing?

Double check for mismatched ciphers, easy to overlook.

Only question on that side of things is that the other side is using aes-cbc specifically. I don’t see any option for CBC in PFSense UI

If the ciphers don’t match the traffic will not route, choose one that is available on both sides.

This is the issue with your VPN provider you can try some other and see if it stops.