Let me expand on the subject, as thats not very clear.
Basically we have Router -> SSG20 -> LAN. I've configured a number of VIP on the untrusted zone that direct traffic to different servers on the LAN. (for example SFTP, PPTP and two ports 9090 and 81 that have http traffic).
When accessed from 'external' (i.e. anyone on the other side of the router) ip addresses all is well and working correctly.
However when someone on the LAN tries to get the service using the external url I get mixed results: SFTP and PPTP both work, but the 9090 and 81 work but stylesheets are disabled and some other weird behaviour.
Looking at the log file on the policy of the SSG20 the 9090 and 81 when accessed internally results in a Close - TCP RST.
Any ideas?
The configuration of the SSG20 is pretty simple. One untrusted zone, with one port to the router. One trusted zone with three ports to the LAN. VIP is configured on the untrusted zone, and a policy has been created for each of the VIPS. - Like I said externally everything looks dandy,.. just the internal calls (by the way if the internal calls use the local ip addresses they work!).
Regards