I'm having trouble with a new zone I've created. I wanted to install a wireless access point for our office's guests, but keep it separate from our subnet, so I created a new zone called "Wireless".
I put the zone in the Trust-vr, bound interface bgroup1 with e0/4, gave bgroup1 an IP of 10.201.179.1/24, created a DHCP scope for the interface, and verified that the routes were created for 10.201.179.0/24 and 10.201.179.1/32 to the 0.0.0.0 gateway. I created a policy from Wireless to Untrust to allow all traffic from any source in Wireless to any in Untrust, but it won't reach the gateway for e0/0.
I can create policies that allow Trust to Wireless and Wireless to Trust and they are able to see each other.
As far as I can tell, I have the settings for bgroup0, which is our main subnet, and bgroup1 identical, save for their subnets and zones.
Did I miss a step somewhere along the way that allows a zone access to the Untrust zone or am I going about this completely wrong?