cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 2

NAT EXEMPTION on SnapGear SG300

hey all,

below is my scenario.

i have an asa at one end and an sg300 at the other.

trying to get an IPSec tunnel going.

The tunnel comes up but the traffic between the tunnel is not being routed.

checked everything at the asa end and it seems fine.(as the tunnel is up)

when i ping frm the lan side of the asa to the lan side of the sg300 the logs on the asa clearly indicate  the packet coming back to the asa from the sg300 is being natted to the public ip of sg300 rather than it being exempted and the packet is dropped by the asa.

how do i explicity specify that the ipsec  traffic on the sg300 should be exempted from natting?

in cisco i can do nat exemption, but damm sg300, wherebouts is it? should i uncheck masquerading? if i do, all traffic will die from the sg300 lan!

please help asap!!!!!!!!!!!!

cheers

1 Reply
Former Member
Not applicable
Report Inappropriate Content
Message 2 of 2

Re: NAT EXEMPTION on SnapGear SG300

it sounds like you have selected the Phase 2 Settings option Local Network = Local Endpoint ( Masquerared Access ) where as you should probably have Local Network = Network of Switch A or similar.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community