hi guys,
i am trying to get a DHCP relay over a site to site VPN working, but it looks like that the relayed packets are getting masqueraded by the XG with the IP address of the egress interfaces. (see screenshot). 
ipsec0 Link encap:Ethernet HWaddr 62:7F:E6:10:3B:FA
inet addr:169.254.234.5 Bcast:0.0.0.0 Mask:255.255.255.255
Port7 Link encap:Ethernet HWaddr 7C:5A:1C:79:0E:8D
inet addr:172.19.19.1 Bcast:172.19.19.255 Mask:255.255.255.0
Port1 Link encap:Ethernet HWaddr 7C:5A:1C:79:0E:87
inet addr:10.5.2.1 Bcast:10.5.2.255 Mask:255.255.255.0
This causes the packets not to be routed trough the IPsec tunnel. (1st line in the screenshot).
Same behavior applies to a server connected to a LAN Port (2nd line in the screenshot - this was only for testing, it's not useful for the needed deployment setup)
The relay is configured on Port 1 (10.5.2.1). I'd expect this to be the source IP of the relayed packets to work over the IPsec tunnel.
I tried with the option "Relay Through IPsec" enabled and disabled - no difference.
Am i missing something? Does anybody have an idea how to get this working?
Best regards
Tobi
This thread was automatically locked due to age.
