Screen OS

  • 1.  unable to pass traffic to MIP address from trust zone

    Posted 12-23-2009 19:15

    Hi All,

     

    I have deployed the SSG 5 using ScreenOS 6.2 and I'm using MIP to publish my web server.

    Here's the illustration

     

    ======Web Server(Trust Zone) and Users=======[SSG]========Internet(Untrust Zone)

     

    Users from the internet are able to access the MIP web server, but users from the trust zone, which is in the same network as the web server, are unable to reach the MIP web server.

     

    here's my policy

     

    from Untrust to Global

    Source Any to Destination MIP Server action permit

     

    from trust to Global

    Source Any to Destination MIP Server action permit (With NAT Source)

     

    Please advise me how I can reach the MIP Web Server from the Trust Zone.

     


    Thanks

     

     



  • 2.  RE: unable to pass traffic to MIP address from trust zone

    Posted 12-23-2009 23:54

    Hi Cunny,

     

    Make the following changes and let me know if it works for you.

     

     

    from Untrust to Trust

    Source Any to Destination MIP Server action permit

     

    from Trust to Untrust

    Source Any to Destination Any action permit

     

    You don't need to use MIP in the policy from Trust to Untrust.

     

    regards,

    Kamran Awan

     



  • 3.  RE: unable to pass traffic to MIP address from trust zone

    Posted 12-24-2009 19:36

    Hi Kamran,

     

    I've already changed the policy but still cannot access the Web Server Public IP. I tried to ping from the trust interface but still get no reply....

     

    However, I tried using another SSG (SSG 140) and it's OK. I can ping it from the trust interface.

     

    Is it a Hardware problem?

     

    Thanks



  • 4.  RE: unable to pass traffic to MIP address from trust zone
    Best Answer

    Posted 12-28-2009 00:52

    Problem solved, I should add routing to the MIP address interface (trust interface) without gateway...

     

    That's weird... ;)

     

    Thanks anyway...
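
The fix from the accepted answer, written out as ScreenOS CLI with a route check and a flow trace to confirm it. This is an added example, not configuration posted in the thread: the addresses are constructed documentation values, and the interface names (ethernet0/0 as untrust, bgroup0 as trust, the SSG 5 defaults) are assumptions.

```text
# Lines starting with "#" are annotations, not ScreenOS commands.
# Constructed values: 203.0.113.10 = MIP (public), 192.168.1.10 = web server,
# ethernet0/0 = untrust interface, bgroup0 = trust interface.

# MIP on the untrust interface, mapping the public address to the server
set interface ethernet0/0 mip 203.0.113.10 host 192.168.1.10 netmask 255.255.255.255 vr trust-vr

# Policies as described in the first post
set policy from untrust to global any "MIP(203.0.113.10)" http permit
set policy from trust to global any "MIP(203.0.113.10)" http nat src permit

# The fix from the accepted answer: a host route to the MIP address that
# names the trust interface and no gateway
set route 203.0.113.10/32 interface bgroup0

# Check which route the lookup for the MIP address now selects
get route ip 203.0.113.10

# Trace one connection attempt from a trust-zone host, then clean up
set ffilter dst-ip 203.0.113.10
clear dbuf
debug flow basic
# ... reproduce the connection from a trust-zone client ...
get dbuf stream
undebug all
unset ffilter
```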