Hi @John Bautista as both myself and @tvotna said to check if ESP is dropped, by taking a packet capture on both sides to confirm if ESP packets are sent and received.
@Makoon on the IOS router use the no config-exchange request command in the IKEv2 profile configuration mode to disable configuration exchange options
crypto ikev2 profile profile-v2 no config-exchange request
https://www.cisco.com/c/en/us/td/docs/s...
@dissai is the configuration you provided accurate? The packet-tracer output references objects called "Momo_Gateway" but there is no mention of Momo_Gateway in your configuration. Please provide the full configuration.
Re-run packet-tracer appended ...
@rob1456657 assuming the traffic is tunnelled and the NAT rule is working correctly, you would also need to configure the command same-security-traffic permit intra-interface to allow the traffic to be routed back out the same interface it came in on...
@teamdv6199 no, you must upgrade the FMC before you upgrade the FTD's. Upgrade procedure:-
https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/upgrade/management-center/720/upgrade-management-center-72/upgrade-mgmt-center.html
FYI, 7.2.5 i...