Screen OS

last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  SSG5... on DMZ with different subnet public IP

    Posted 07-08-2010 20:35

    I have set the SSG as defult ;

    Untrust eth0/0 route 219.xxx.xxx.151/28 (Gateway : 219.xxx.xxx.145)

    DMZ eth0/1 router 219.xxx.xxx.177/28 (different subnet)

    Trust eth0/2~6 NAT 192.168.1.x/24

    and installed NAS in DMZ as 219.xxx.xxx.178/28

    and already set route 0.0.0.0/0 interface ethernet0/0 gateway 75.146.xx.xxx.. done!!!

    so between Untrust and Trust should be fine..but between DMZ and Untrust doesn't work...

    I already set a policy from Untrust to DMZ as ANY to ANY and both....

    From outside(my home or compnay) network, I couldn't be reachable to the DMZ zone(219.xxx.xxx.177&178).

    Should I have to add any routing table?

    Please please..... hu~~~~~



  • 2.  RE: SSG5... on DMZ with different subnet public IP
    Best Answer

    Posted 07-09-2010 01:31

    Hi,

     

    Ask your provider if they route the net 219.101.212.176/28 to 219.101.212.151 (eth0/0 IP).

    Perhaps they have configured 219.101.212.146 (first free IP, so called default choice) as the next hop. You can also try to change the eth0/0 IP.

     

    Kind regards,

    Edouard



  • 3.  RE: SSG5... on DMZ with different subnet public IP

    Posted 07-11-2010 20:03

    Thank you so much...

    It was solved by changing routing table at L3 SWT as your advice...

    HaHa... stupid.... why I didn't check it... Thank you....