Hi,
You don't say which end is which so I'm assuming that 134.186.11.134 is your local end and 166.130.152.195 is the remote end.
This looks like the remote end is blocking ESP traffic. Myself and Victor recently come across a similar issue, but it was our local F5 BIG-IP that was generating the ICMP protocol 50 unreachable response.
I found that in our case the BIG-IP had wrong setting:
tmsh list sys db ipsec.lookupspi
sys db ipsec.lookupspi {
value "disable"
}
As in our case the BIG-IP was the IPSEC endpoint we needed to change the setting to:
tmsh list sys db ipsec.lookupspi
sys db ipsec.lookupspi {
value "enable"
}
using the command:
tmsh modify sys db ipsec.lookupspi value enable
tmsh save sys config
The KB article SOL14169 shows that the setting may need disabling if the BIG-IP is NOT terminating the IPSEC traffic, but this implies that if the BIG-IP IS terminating IPSEC traffic the setting needs to be enabled.