Hi all,
I am having a problem with inter-VSYS routing using a shared DMZ zone. I am seeing some behaviour which I don't think is correct. I have created 2 x test VSYS. I have created a 'shared' DMZ zone & VR. I have then assigned the 2 test VSYS to that shared DMZ zone. I have then added routes in the shared DMZ VR to point to the networks behind each VSYS. I can then ping each inside interface on the opposite VSYS, which is good because traffic is routing etc. The problem is that it is doing this without any policies at all. It's letting any traffic pass between them? I would have thought you would have had to create policies on each VSYS? When I do a debug it's not showing anything.
I want the networks to be protected from each other. Any info appreciated.
Thanks
Diagram attached.