To Alan Strassberg - Routing On Netscreen 5XP

- B
- Ben
  
  Contact options for registered users
posted
18 years ago

Wed, Aug 3, 2005 2:51 PM

Hi Alan,

Dunno if you remember, but last week I posted a topic on routing through a Netscreen 5XP, to which you replied. I tried your solution, and could ping through the 5XP, managed to ping the gateway (192.168.0.1) and open the gateway http management page. However I couldn't get traffic to go any further than this. But if you plug into the network on the other side, not going through the netscreen, then I could go out through the gateway!

Any ideas why I can't reach the internet when behind the netscreen?

Many thanks for your help

Ben

Loading thread data ...

- A
- Alan Strassberg
  
  Contact options for registered users
Vote on answer
posted
18 years ago

Sun, Aug 7, 2005 5:00 PM

I said ...

set interface trust ip 192.168.0.2/24 set interface untrust ip 10.0.0.1/24 set route 0.0.0.0/0 interface trust gateway 192.168.0.1 set policy id 7 from "Untrust" to "Trust" "10.0.0.10" "192.168.0.1/32" "ANY" nat src permit log

No, the policy ID doesn't matter.

If 192.168.0.1 is the gateway the route needs to go there.

alan alanstrassberg @ yahoo.com

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.