Running a Netscreen 5GT Extended mode and want to configure the DMZ. I have a FTP server in the DMZ and it can be accessed from the untrust to the dmz zone no problem after putting a policy and a VIP in place. My problem is I can't get from the DMZ to the Internet. I tried putting a policy in place for DMZ to Untrust allowing anything (for testing) and no go. In the log on the anything policy, I noticed that the source address and translated address are the same and bytes are being sent but not received...so I'm assuming NAT isn't working on the DMZ addresses. Is this a correct assumption? I don't have alot of netscreen knowledge so I can't figure out how or where to resolve this. Any help would be appreciated.
- posted
18 years ago