Here is the config:

I have a Master server (BM37) configured with with a VPTunnel address
192.168.x.x. Local network is a 10.x.x.x. Connecting to a BM 36 server
using a tunnel address of 192.168.x.x (they are in the same network per
the documentation). It has a local address in another subnetted 10.x.x.x.

I am getting the following error from the audit log:

[SKIP] Construction of SA failed for peer x.x.x.x

I have also noticed that the VPTunnel does not load when VPSLAVE was
loaded and if I manually load the VPTunnel.lan driver the 192.168.x.x
address is not associated with the VPTunnel.lan driver and there are no
static routes with this information.

Am I suppose to manually bind the tunnel ip address? Does this get setup
when the servers establish communication over the public interfaces?

I have run the update the VPN filters on both boxes to no avail.

What else am I missing?

Steve D.