

Performing SIC with Mgmt behind NAT

Question asked by Antonio M on Feb 4, 2019
Latest reply on Feb 6, 2019 by Antonio M


I'm unable to perform the initial SIC between a gateway and a management behind a NAT. I went through all the posts regarding this matter without success. 


I've created a dummy object with the NATed IP and created the corresponding NAT rule between the private and NATed IP. The gateway performing the NAT is another Check Point device as well. I've tried with manual static NAT and using the "Add Automatic Address Translation rules" option under the management NAT section without success.


The traffic is allowed in the gateway, and I see the logs for the returning traffic as allowed and translated correctly as well, but when running a tcpdump on the management, the traffic does not reach the management; I only see SYN packets and retransmissions. For some reason the traffic is being consumed by the gateway?


Management runs R80.10 and gateway R77.30.


Any ideas?


Thanks in advance.