Here is my setup:
SSG140
Hardware Version 1010(0)-( 0)
Software Version 6.1.0r2.0
eth0 private LAN - 192.1.1.0/24 (mail server 192.1.1.250)
eth2 public network - 1.1.1.33/27 - renamed to 1.1.1.x for privacy (wan ip of ssg 1.1.1.38)
My mission is is to forward mail traffic from 1.1.1.45 to 192.1.1.250 - port 25 smtp
I followed these instructions for a VIP
http://kb.juniper.net/CUSTOMERSERVICE/index?page=kbdetail&article_id=KB4740
On the VIP page the status says OK under the smtp service
I can telnet into the ssg and ping 192.1.1.250
When i try to telnet to 1.1.1.45 port 25 i get a timeout (from another system connected to the public WAN side)
When i check my policy log (created as per the instruction kb above) i get this:
bytes sent 198, bytes received 0, close reason: age out, source/destination and translated address/port all show correct
Destination route table shows lan and wan assgned to the correct interfaces
policy is
Untrust/Any Global/VIP(1.1.1.45) SMTP Permit
I turned on all logging including debug, nothing shows in the logs related to this
I am not sure what to check next, any ideas?
Message Edited by techguru on 11-06-2008 10:51 AM
Message Edited by techguru on 11-06-2008 11:01 AM
Message Edited by techguru on 11-06-2008 11:07 AM