hi,

having issue with dialup tunnel and mode-cfg enable with dynamic routing. When trying to ping from dc 10.11.8.129/25 to  branch 10.11.8.1/25  side to branch I get a error stating  no matching ip selector  drop, I noticed looking at the tunnel the src selector is 0.0.0.0 the destination is dst: 0:10.11.6.5-10.11.6.5:0.  I am running version 5.2.7 at the dc and branch 6.2.1

config vpn ipsec phase1-interface     edit "www1"         set type dynamic         set interface "dc-wan1"         set nattraversal disable         set mode aggressive         set mode-cfg enable         set ipv4-dns-server1 8.8.8.8         set add-route disable         set ipv4-start-ip 10.11.6.4         set ipv4-end-ip 10.11.6.7         set ipv4-netmask 255.255.255.0         dc # get vpn  ipsec  tunnel  name  www1_0 de gateway   name: 'wan-www1_0'   type: route-based   local-gateway: 172.16.2.2:0 (static)   remote-gateway: 172.16.1.2:0 (dynamic)   mode: ike-v1   interface: 'dc-wan1' (8)   rx  packets: 1185  bytes: 141592  errors: 0   tx  packets: 231  bytes: 14516  errors: 69   dpd: enabled/negotiated  idle: 1000ms  retry: 2  count: 0   selectors     name: 'wan-www1'     auto-negotiate: disable     mode: tunnel     src: 0:0.0.0.0-255.255.255.255:0     dst: 0:10.11.6.5-10.11.6.5:0     SA       lifetime/rekey: 43200/37081          mtu: 1446       tx-esp-seq: e8       replay: enabled       inbound         spi: a9c2f9ff         enc:     des  45b91fc8132ff150         auth:    md5  459ece5572d6b04c583a26e9308e013a       outbound         spi: fc0fb2ac         enc:     des  ff9315f915184a48         auth:    md5  e2c2b3e38d615cdd828dbc3fcc80da32   dc #  get router  info routing-table  details  10.11.8.0 Routing entry for 10.11.8.0/25   Known via "bgp", distance 20, metric 0, best   Last update 00:37:12 ago   * 10.11.6.5, via www1_0