I have an SR 520 router located at my remote site with public IP xx.8.140.226, and private IP 192.168.3.1.
The central office is at public IP xx.60.101.154, and has a 10.1.1.0 scheme. I have a site to site VPN tunnel between the central and remote sites.
It seems to work fine, but I can't ping the remote site from the central site. In other words, I can't ping 192.168.3.1, the SR520's inside address, from the central site. The SR 520's public address (xx.8.140.226) also cannot be pinged from the internet.
From the remote site, I can ping to the central site fine. I must be using zone based security incorrectly in the attached remote site config? What do I need to do to make the remote site pingable, and preferably the clients behind the remote site SR520 pingable from the central site. Can someone help? It would be much appreciated.