Message Image

Skip main navigation (Press Enter).

Screen OS

last person joined: 8 months ago

This is a legacy community with limited Juniper monitoring.

Back to discussions

Expand all | Collapse all

Need Help setting up DMZ traffic outbound allow to untrust or www

Jump to Best Answer

Erdem02-11-2008 23:57

Hi Alls, I need help on how to enable a system in the DMZ to be able to access the internet. Not sure ...

oldtimer02-12-2008 07:25Best Answer

For any hosts that are in the DMZ zone, and you want it to communicate to the Internet (and you only ...

Erdem02-25-2008 15:16

Thank you so much for taking the time to answer my question.

1. Need Help setting up DMZ traffic outbound allow to untrust or www

0 Recommend
Erdem
Posted 02-11-2008 23:57
Hi Alls,

I need help on how to enable a system in the DMZ to be able to access the internet.
Not sure how to approach this.
Thanks in advance.

Mr.Sinista
2. RE: Need Help setting up DMZ traffic outbound allow to untrust or www
Best Answer

0 Recommend
oldtimer
Posted 02-12-2008 07:25
For any hosts that are in the DMZ zone, and you want it to communicate to the Internet (and you only have one public IP address available), you should use policy based nat.

For example, to allow everything from the DMZ to go to the Internet:

set policy from dmz to untrust any any any nat src permit

Interface nat will not work from dmz to untrust. Interface nat only works from trust to untrust.
3. RE: Need Help setting up DMZ traffic outbound allow to untrust or www

0 Recommend
Erdem
Posted 02-25-2008 15:16
Thank you so much for taking the time to answer my question.

Powered by Higher Logic