ipsec
A - B ---> C - D
subnet A and B: 10.200.0.0/16
subnet C and D: 10.201.0.0/16
Ping from A to D = no reply
… but tcpdump on B shows this: 10.201.0.2 > 10.200.0.2: ICMP echo reply
A: 10.200.0.2
B: 10.200.0.1
C: 10.201.0.1
D: 10.201.0.2
When pinging from B to D, it works!
Why doesn't A get a reply, even if this reply reaches B?
(server A has a static route for 10.201.0.0/16 via B)
I disabled the firewall on all servers to be sure that none of them drops packets.