NAT/MASQ using RED

Question

Thought I posted this up but seems to have disappeared. 
 Here is the situation. 
 Two SG210's. HQ SG210 is the RED Server and the remote is a RED Client. Set up to extend an ethernet connection/lan to the remote site from HQ (let's call it 192..168.10.x/23). 
 REDS1 is bridged to Eth5 at HQ and REDC1 is bridged to Eth5 at the remote. RED is up and we can ping across the connection and dhcp works. No problems there. However, if a client pc at the remote site using 192.168.10.100 tries to access the internet it does not go out. What we noticed is that the address is not being NAT'd (actually MASQ) and the pre-nat address is being sent out. 
 But, if I try and access the internet from a PC at HQ at IP Addr 192.168.10.50 it works just fine (NAT and all). 
 The default gateway for this network is not on the UTM at HQ but rather a L3 switch (192.168.10.1/23). The switch then sends it to Eth0 on the HQ SG210 using 192.168.200.1 on a dedicated vlan (switch is 192.168.200.2) for internet access. 
 It almost seems like the bridged interface (BR0 that binds Eth5 and REDS1) on the HQ SG210 is seeing the address, putting it in it's mac table and for some reason deciding it does not need to be NAT'd going out to the internet for the connections coming across the RED tunnel. 
 Called sophos support and they were lost :-( 
 thanks !!

way2fast59 · Accepted Answer

Ended up finding a work-around on this. 
 We split the networks up into two RED Servers using a temp vmware UTM 9.4. Passed all the networks into this different head-end device and then back hauled the traffic to the primary UTM which then picked up the addresses and NAT worked without issues. 
 My guess (and correct me if I'm wrong as I'm no Linux Guru) is that the UTM was seeing the traffic as locally generated when being processed through the bridge interface and not applying the correct NAT or MASQ to the packets as they went out the WAN interface. 
 Just thought I would update.