Netscreen 5GT Extended - DMZ issues - Cabling-Design.com Forums

- T
- tgfkarick
  
  Contact options for registered users
posted
18 years ago

Mon, Sep 5, 2005 10:24 AM

Hi,

Was wondering if anyone might be able to help me out with a problem I'm having with my Netscreen 5GT Extended.

I've got everything working coreectly in terms of trust and untrust so decided to get the DMZ set up. I've adready switch to the correct port mode, so I've simply set up a personal web server in the dmz ethernet.

I've set up a policy which allows me to gain access to the pc in the DMZ, this works fine. I've then set up a policy which goes from untrust to dmz for services http, ping and traceroute (the second two are for testing only). I've enabled logging on this policy but I get nothing.....

Any help would really be appreciated.

Many thanks,

Rick

- V
- Volker Birk
  
  Contact options for registered users
Vote on answer
posted
18 years ago

Wed, Sep 7, 2005 3:42 PM

Hm... this is difficult, because I cannot see what your network equipment is doing from here.

Could you try to provide more information, please?

Yours, VB.

- S
- Sintec
  
  Contact options for registered users
Vote on answer
posted
18 years ago

Sun, Sep 18, 2005 4:40 PM

Did you setup a MIP or VIP from untrust to dmz

perform a get mip or get vip cli command and check the public and private addresses are correct; Then turn loggin on the policies, if all fails perform a debug flow basic.

regards

Dave Sinclair NetScreen Authorised Security Instructor

formatting link