Message Image

Skip main navigation (Press Enter).

Screen OS

last person joined: 8 months ago

This is a legacy community with limited Juniper monitoring.

Back to discussions

Expand all | Collapse all

Netscreen ns25 DMZ internet access problems....

Jump to Best Answer

Erdem11-23-2009 06:28

I ave a number of Windows Server 2003 machines on a DMZ using a Netscreen ns25 - the ones that have MIPs ...

null_tomdwyer11-23-2009 09:38Best Answer

You need to make sure that your policy has the network address translation setup as well. From ...

Erdem11-24-2009 00:32

Thank you - worked perfectly!! Very much apreciated.

1. Netscreen ns25 DMZ internet access problems....

0 Recommend
Erdem
Posted 11-23-2009 06:28
I ave a number of Windows Server 2003 machines on a DMZ using a Netscreen ns25 - the ones that have MIPs assigned to them (web server, FTP server) have outgoing internet acces but a couple of others we're using to develope a new website do not have MIPs (we have no external IPs free to assign to them) will not connect to the internet at all - local network, default gateway all ping without a problem.

I'm assuming that it is the ns25 stopping it - there is a policy to allow ALL fro DMZ to Untrust.

Any help would be greatly appreciated!

Cheers
2. RE: Netscreen ns25 DMZ internet access problems....
Best Answer

0 Recommend
null_tomdwyer
Posted 11-23-2009 09:38
You need to make sure that your policy has the network address translation setup as well.

From the CLI

set policy from "DMZ" to "Untrust" "Any" "Any" "Any" nat src permit log
save

From the Web Gui

Edit the rule you have already created, then click on advanced and make sure that source translation is checked with use egress interface IP. Then click okay and give it a try.
3. RE: Netscreen ns25 DMZ internet access problems....

0 Recommend
Erdem
Posted 11-24-2009 00:32
Thank you - worked perfectly!!

Very much apreciated.

Powered by Higher Logic