Afternoon all, was wondering if someone would assist with a routing issue I am have.....?

Some background of the setup
Site A - Draytek 2960
IP Range - 192.168.97.0/24

Site B - Cisco ASA-5516
IP Range - 10.82.187.16/32, 10.82.187.17/32, 10.82.187.18/32

I can get the IPSec tunnel to connect/handshake but no traffic...

Under the Basic Tabs on VPN Profile should i be setting the Remote IP/Subnet Mask as
10.82.187.0 | 255.255.255.128/25
or
10.82.187.16 | 255.255.255.255/32
10.82.187.17 | 255.255.255.255/32
10.82.187.18 | 255.255.255.255/32


Both options bring the tunnel up but no data is passing....

Maybe the answer to this, is the "Create Phase 2 SA for each subnet" option? ...

See: https://www.draytek.co.uk/support/guides/kb-vpn-multiplesa

The "Create Phase 2 SA for each subnet" does not need to be ticked unless one of the site is non-DrayTek router which requires any traffic to exactly match the IPSEC security association. If the device (eg a Cisco) requires traffic to match the security assocation then a Phase 2 SA must be created for each subnet. In this case, enable the Create Phase2 SA for each subnet.(IPsec) option.

many thanks for the suggestion, i will look to find the option as its different on the 296/ linux OS device