I have 2 ERLs, a USG, and an ERP. 1 ERL and the USG are connected to the ERP just fine and the VPN is up with traffic traversing it.
However, when I use the GUI to set up a 3rd tunnel between 1 ERL and the ERP, the status of the tunnel shows as up in the VPN status wizard, but if I ping the gateway device there's no response. This was set up exactly how the other ERL VPN was set up, so I'm not sure where the issue is.
show vpn ipsec sa returns the following information for the tunnel having trouble:
    peer-<Remote WAN>-tunnel-1: #3, ESTABLISHED, IKEv1, f58433a3ba8f01db:85213777169d3f22
      local  '<localWAN>' @ <localWAN>
      remote '<Remote WAN>' @ <Remote WAN>
      AES_CBC-256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
      established 1825s ago, reauth in 25964s
      peer-<Remote WAN>-tunnel-1: #4, INSTALLED, TUNNEL, ESP:AES_CBC-256/HMAC_SHA1_96/MODP_2048
        installed 1825 ago, rekeying in 792s, expires in 1777s
        in  cfb8778e, 0 bytes, 0 packets
        out ceaa01fe, 1606 bytes, 24 packets, 1261s ago
        local  10.10.0.0/24
        remote 172.16.4.0/24