02-07-2010 02:17 PM
Hi, I have an SSG with a couple of servers running on the trusted interface. I have a few ports published via VIP and they are accessible from the internet. I have one server on the DMZ interface but cant get the port forwarding working to that server.
I currently have an allow all policy from DMZ > UNTRUST and from UNTRUST > DMZ
I also have VIP configured on the UNTRUST interface to forward the port to the ip of my server in DMZ
Am I missing something here?
Solved! Go to Solution.
02-07-2010 11:04 PM
Sounds like you have covered it, can you post config related to VIP and Policies for services you are trying to forward?
02-07-2010 11:05 PM
Sorry for double reply, but....
The policy for untrust to dmz allow all won't work for the VIP.
You have to create a policy and place it above the any with the vip as the destination.