i have an asa at one end and an sg300 at the other.
trying to get an IPSec tunnel going.
The tunnel comes up but the traffic between the tunnel is not being routed.
checked everything at the asa end and it seems fine.(as the tunnel is up)
when i ping frm the lan side of the asa to the lan side of the sg300 the logs on the asa clearly indicate the packet coming back to the asa from the sg300 is being natted to the public ip of sg300 rather than it being exempted and the packet is dropped by the asa.
how do i explicity specify that the ipsec traffic on the sg300 should be exempted from natting?
in cisco i can do nat exemption, but damm sg300, wherebouts is it? should i uncheck masquerading? if i do, all traffic will die from the sg300 lan!
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.