My understanding of policy-based VPN is that it uses an ACL rather than the routing table to check for interesting traffic.
I have attached a diagram and configuration.
Host1 <--> R1 <--> ISP <--> R3 <--> Host2.
My question is: why do I need to have the Host2 route on R1 (in the form of a static or default route) to make it work?
If I remove the default route or static route (for Host2) from R1, I won't be able to reach Host2 from Host1 through the tunnel.
Thanks RJI,
I believe for a router, routing will be checked first before applying IPsec. It was failing at route lookup as there was no route to the destination, so the packet was dropped there itself.
Please correct me if I am wrong.
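
A simplified model of the lookup order discussed in this thread, as an added example that is not part of the original posts or the attached configuration. It assumes the crypto map is bound to R1's WAN interface, so the crypto ACL is only consulted after a route has selected that interface; all addresses, interface names and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample topology (addresses and interface names are illustrative).
HOST1 = "10.1.1.10"   # behind R1
HOST2 = "10.3.3.10"   # behind R3
CRYPTO_ACL = [("10.1.1.0/24", "10.3.3.0/24")]  # "interesting traffic" on R1
# Assumption: the crypto map is applied to R1's WAN interface only.
CRYPTO_MAPS = {"Gi0/1": {"acl": CRYPTO_ACL, "peer": "198.51.100.3"}}


def route_lookup(routes, dst):
    """Longest-prefix match; returns the egress interface or None."""
    dst_ip = ipaddress.ip_address(dst)
    best = None
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        if dst_ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None


def acl_matches(acl, src, dst):
    """True if (src, dst) falls inside any permit entry of the crypto ACL."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return any(s in ipaddress.ip_network(a) and d in ipaddress.ip_network(b)
               for a, b in acl)


def forward(routes, src, dst):
    """Return (action, detail) for a packet arriving at R1 from the LAN."""
    iface = route_lookup(routes, dst)
    if iface is None:
        # Dropped at route lookup: the crypto ACL is never evaluated.
        return ("drop", "no route to destination")
    cmap = CRYPTO_MAPS.get(iface)
    if cmap and acl_matches(cmap["acl"], src, dst):
        return ("encrypt", f"ESP to peer {cmap['peer']} via {iface}")
    return ("forward-clear", f"via {iface}")


CONNECTED = [("10.1.1.0/24", "Gi0/0"), ("203.0.113.0/30", "Gi0/1")]
WITH_DEFAULT = CONNECTED + [("0.0.0.0/0", "Gi0/1")]

if __name__ == "__main__":
    print(forward(CONNECTED, HOST1, HOST2))         # no route: dropped
    print(forward(WITH_DEFAULT, HOST1, HOST2))      # routed to WAN, ACL match
    print(forward(WITH_DEFAULT, HOST1, "192.0.2.7"))  # routed, not interesting
```

In this model, a route that sends Host2 traffic out an interface without the crypto map results in cleartext forwarding rather than a drop, which is worth checking when auditing a policy-based VPN.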