XG to UTM9 Site to site IPSEC vpn can ping one direction only

Question

Hi All, 
 First time poster, so if i got this in the wrong location, sorry. 
 I have been using UTM since astaro days and not much i can't do with it. 
 I have only been using the XG firewall for a few days now, so its a learning curve. 
 
 Now to my problem, i can ping from the local lan on the XG FW to the UTM but not back the other way. 
 I have spent all day today researching and trialinig various things, but am stuck. 
 I have followed the below tutorial and configured only 1 network on each side 
 https://community.sophos.com/kb/en-us/126628 
 I have also looked at the following for potential inspiration: 
 https://community.sophos.com/kb/en-us/123334 
 https://community.sophos.com/kb/en-us/123140 
 https://community.sophos.com/products/xg-firewall/f/network-and-routing/96970/ip-sec-site-to-site-xg-and-utm 
 https://community.sophos.com/products/xg-firewall/f/network-and-routing/92870/ipsec-head-scratcher 
 https://community.sophos.com/products/xg-firewall/f/vpn/75359/ipsec-site-to-site-vpn---ping-one-way-but-not-other 
 and many more. 
 
 I tried to follow the original link above as closlely as possible, obviously changing IPs to suite my config, and have even tried tweeking firewall rules and watching firewall logs on both systems, nothing is pointing me in the right direction. has anyone successfully follwed the above guide or am i better off just upgrading the UTM to a XG right away (wanted to make it my remote site once i got a basic understanding of the config of XG.

dna · Accepted Answer

JDaus said: Now to my problem, i can ping from the local lan on the XG FW to the UTM but not back the other way. 
 Have you tried to ping after enabling ping for the VPN zone under 'Administration -> Device Access -> Local Service ACL'? 
 Since the ping in the other direction works i assume that the tunnel as such is working.