Problem with NAT over ipsec tunnel

Can you draw a little map? 

NAT in IPsec can become tricky. 

(from the XG perspective): SNAT will be performed in the IPsec Configuration.

DNAT will be performed in the Firewall Page. 

What do you want to do? 

Can you draw a little map? 

NAT in IPsec can become tricky. 

(from the XG perspective): SNAT will be performed in the IPsec Configuration.

DNAT will be performed in the Firewall Page. 

What do you want to do? 

IPSEC -----> 172.18.X.X ----> printer

10.16.X.X Network Subnet

if NAT 172.18.X.X to 10.16.x.x ----> i can get over to IPSEC

Printer on 172.18.X.X ---> cannot access IPSEC anymore

i need to do both functions using IPSEC NAT

thanks

Still not 100% clear.

So you have a local Network, you have a remote network and optional a NAT Network (SNAT).

Local Network - XG - IPsec Tunnel - Other Device - remote Network. 

In Case of SNAT, you would replace "Local Network" with a "Fake Network (called NAT Network)". 

I have 2 networks on the XG a 10.16.0.0 and a 172.18.0.0

the IPSEC connects over the 172.18.0.0

the local subnet to access resources over the ipsec tunnel since it is not allowed to go over the ipsec tunnel i have to NAT the 172.18.0.0 to 10.16.0.0

everything is working and i can access all required resources

one thing that i have if i want to use any device on the 172.18.0.0 network it does not find its way back to the tunnel as the XG thinks it is NATed over to 10.16.0.0 network.

Thank you for assistance.

Sorry Waleed,

still confusing. Can you share a network diagram? Also on XG, please share network interface tab screenshot.

Thanks