Hello,
Both gateways version R81.20 Jumbo 65 and on the other one 26. Installed policy on both.
The communication to the management is via Internet and there is a firewall which protects it.
The new firewall is configure to have a private ip natted to public one, to go on Internet.
On gateway object, I configured under vpn link selection use Ip selection by remote peer, always use as statically natted ip, its public one.
As source ip address,I selected manually on the topology, using the internal ip address which is nattet to the public ip.
I configured master file to use public management and log ip addresses and on vpn excluded services, FW ICA is excluded.
The vpn to management works, but communication to crl does not happen and no log seen on management firewall about it.