1 Reply Latest reply on Dec 15, 2011 9:08 PM by rcamm

    NAT EXEMPTION on SnapGear SG300

      hey all,

       

      below is my scenario.

      i have an asa at one end and an sg300 at the other.

      trying to get an IPSec tunnel going.

      The tunnel comes up but the traffic between the tunnel is not being routed.

      checked everything at the asa end and it seems fine.(as the tunnel is up)

      when i ping frm the lan side of the asa to the lan side of the sg300 the logs on the asa clearly indicate  the packet coming back to the asa from the sg300 is being natted to the public ip of sg300 rather than it being exempted and the packet is dropped by the asa.

      how do i explicity specify that the ipsec  traffic on the sg300 should be exempted from natting?

      in cisco i can do nat exemption, but damm sg300, wherebouts is it? should i uncheck masquerading? if i do, all traffic will die from the sg300 lan!

      please help asap!!!!!!!!!!!!

      cheers