Hi. Can anyone help me to solve this. I cannot access my ftp, www, email servers from outside. Here is my config from netscreen system.
set clock timezone 0
set vrouter trust-vr sharable
unset vrouter "trust-vr" auto-route-export
set auth-server "Local" id 0
set auth-server "Local" server-name "Local"
set auth default auth server "Local"
set admin name "netscreen"
set admin password "xxxx"
set admin auth timeout 10
set admin auth server "Local"
set admin format dos
set zone "Trust" vrouter "trust-vr"
set zone "Untrust" vrouter "trust-vr"
set zone "DMZ" vrouter "trust-vr"
set zone "VLAN" vrouter "trust-vr"
set zone "Trust" tcp-rst
set zone "Untrust" block
unset zone "Untrust" tcp-rst
set zone "MGT" block
set zone "DMZ" tcp-rst
set zone "VLAN" block
set zone "VLAN" tcp-rst
set zone "Untrust" screen tear-drop
set zone "Untrust" screen syn-flood
set zone "Untrust" screen ping-death
set zone "Untrust" screen ip-filter-src
set zone "Untrust" screen land
set zone "V1-Untrust" screen tear-drop
set zone "V1-Untrust" screen syn-flood
set zone "V1-Untrust" screen ping-death
set zone "V1-Untrust" screen ip-filter-src
set zone "V1-Untrust" screen land
set interface "ethernet1" zone "Trust"
set interface "ethernet2" zone "DMZ"
set interface "ethernet3" zone "Untrust"
unset interface vlan1 ip
set interface ethernet1 ip 192.168.1.1/24
set interface ethernet1 nat
set interface ethernet2 ip 192.168.2.1/24
set interface ethernet2 nat
set interface ethernet3 ip xxxxxxxx.32/22
set interface ethernet3 route
unset interface vlan1 bypass-others-ipsec
unset interface vlan1 bypass-non-ip
set interface ethernet1 ip manageable
set interface ethernet2 ip manageable
set interface ethernet3 ip manageable
set interface ethernet1 dhcp server service
set interface ethernet2 dhcp server service
set interface ethernet1 dhcp server enable
set interface ethernet2 dhcp server enable
set interface ethernet1 dhcp server option lease 1440000
set interface ethernet1 dhcp server option gateway 192.168.1.1
set interface ethernet1 dhcp server option netmask 255.255.255.0
set interface ethernet1 dhcp server option dns1 xxxxxxx.100
set interface ethernet1 dhcp server option dns2 xxxxxxx.100
set interface ethernet1 dhcp server option wins1 192.168.1.1
set interface ethernet2 dhcp server option lease 1440000
set interface ethernet2 dhcp server option gateway 192.168.2.1
set interface ethernet2 dhcp server option netmask 255.255.255.0
set interface ethernet2 dhcp server option dns1 xxxxxxxxx.100
set interface ethernet2 dhcp server option dns2 xxxxxxxxx.100
set interface ethernet2 dhcp server option wins1 192.168.2.1
set interface ethernet1 dhcp server ip 192.168.1.2 to 192.168.1.10
set interface ethernet2 dhcp server ip 192.168.2.2 to 192.168.2.10
set interface ethernet3 dhcp-client enable
set interface "ethernet3" mip xxxxxxxxx host 192.168.2.2 netmask 255.255.255.255 vrouter "trust-vr"
set hostname ns25
set dns host dns1 xxxxxxxx.100
set dns host dns2 xxxxxxxx.100
set dns host schedule 06:28
set ike respond-bad-spi 1
set pki authority default scep mode "auto"
set pki x509 default cert-path partial
set group address "Trust" "Home" comment "Local Home Network"
set policy id 2 from "Trust" to "Untrust" "Any" "Any" "ANY" permit
set policy id 3 from "Trust" to "DMZ" "Any" "Any" "ANY" permit
set policy id 4 from "DMZ" to "Untrust" "Any" "Any" "ANY" nat src permit
set policy id 5 from "DMZ" to "Untrust" "Any" "MIP(xxxxxxxxx)" "ANY" nat src permit
set ssh version v2
set config lock timeout 5
set snmp port listen 161
set snmp port trap 162
set vrouter "untrust-vr"
exit
set vrouter "trust-vr"
unset add-default-route
exit