Netscreen 5GT Extended - DMZ issues

From: tgfkarick (rpurse_at_hotmail.com)
Date: 09/05/05


Date: 5 Sep 2005 06:24:14 -0700

Hi,

Was wondering if anyone might be able to help me out with a problem I'm
having with my Netscreen 5GT Extended.

I've got everything working coreectly in terms of trust and untrust so
decided to get the DMZ set up. I've adready switch to the correct port
mode, so I've simply set up a personal web server in the dmz ethernet.

I've set up a policy which allows me to gain access to the pc in the
DMZ, this works fine. I've then set up a policy which goes from untrust
to dmz for services http, ping and traceroute (the second two are for
testing only). I've enabled logging on this policy but I get
nothing.....

Any help would really be appreciated.

Many thanks,

Rick



Relevant Pages

  • Re: unable to apply group policy when server is in DMZ
    ... 'Windows cannot query for the list of Group Policy objects. ... Is there a simple firewall between the DMZ and main network, or is it a NAT device? ...
    (microsoft.public.windows.server.active_directory)
  • Re: Netscreen 5GT Extended DMZ setup
    ... > Running a Netscreen 5GT Extended mode and want to configure the DMZ. ... > to the dmz zone no problem after putting a policy and a VIP in place. ... Nat is enabled by interface OR by policy. ... You likely have neither enabled on your DMZ interface and policy. ...
    (comp.security.firewalls)
  • Re: Transmitting Sensitive Information between Servers
    ... We have a policy to not pass user name/password, ... servers within our DMZ. ...
    (Security-Basics)
  • Netscreen 5GT Extended DMZ setup
    ... Running a Netscreen 5GT Extended mode and want to configure the DMZ. ... I have a FTP server in the DMZ and it can be accessed from the untrust ... to the dmz zone no problem after putting a policy and a VIP in place. ...
    (comp.security.firewalls)
  • Re: Netscreen 5GT in Extended Mode
    ... In fact what routes should I have for the trust and untrust virtual routers? ... Trust-Untrust, Untrust-Trust, DMZ-Untrust & Untrust to DMZ? ... > Then, in the GUI, go to port mode and change it to extended port mode - ... > static route on the ADSL router such that 84.12.x.0/29 next hop is ...
    (comp.security.firewalls)