Got it sorted after an hour. They had the wrong tunnel endpoint IP, completely botched their ACLs, and weren't routing traffic through the VPN.
So 3 of the most important things besides the PSK and the packet settings. Good times. It's 10pm and I'm packing for a flight!