Hello,
Thanks for the reply. Sorry for the delay in getting back to you. To understand more on your statement, I have attached a visio diagram for your reference. The zones on the internal FW are not defined on the External Firewall. The internal fw has subinterfaces for the dfifferent zones.
Now if the external IP from the "Internet Zone" wants to access the "Server Zone" then do we need to add the following policy on the external FW
Internet Zone to Trust Zone on the external Firewall
or
Internet Zone to Server Zone on the External Firewall
then on the internal fw
Internet ZOne to Server Zone
or
Trust Zone to Server Zone
Thanks