Hello,
I have set up on a SSG140 a MIP on the Untrust interface.
I can now create the policy for incoming connections. This will work without problems.
For the opposite direction, I have set up an any-to-any connection.
Now I would like to create for the direction DMZ-to-Untrust policies.
Is that possible? Do I need to set up on the DMZ interface a MIP?
So far, nothing works except any-to-any.
I have configured the SSG as follows:
Untrust - Public IP / 32 - Route
DMZ - Privat IP / 32 - NAT
Untrust-Interface
- All available IP-Adresses MIP(PublicIP)-PrivatIP
Policy - Untrust to DMZ
Any to MIP + Port/Service
Policy - DMZ to Untrust
Any to Any
Please help me.
regards