ScreenOS Firewalls (NOT SRX)

SSG-5 gateway not passing all addys

07-29-2009 07:09 AM

Slightly unusual problem, and possibly unrelated to the SSG-5. I have a 9 node system with 8 remote sites tunneling back to a prime site through the public internet. Plugging in locally to the trusted side of the prime site SSG-5, I have access to all devices on the network including the remote site trusted side devices. Using a VPN client session into the prime site from my office hours away, I have the same access to all devices except a few, and I've isolated them down to just one manufacturer. They are totally dark. However, if I start a VPN client session with any of the 8 remote sites, I can see everything including the products that were inaccessible remotely in a prime site session.

Example for clarification -

Connected locally I have addy and I have access to all devices including and 12.
Client session into prime site assigns me trusted addy from the pool. & 12 are inaccessible. All other devices are accessible.
Client session into remote site 1 assigns me trusted addy from the pool. & 12 are accessible.

Any thoughts are appreciated. Thank you.