1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Juniper SSG140 DMZ Setup Help

Discussion in 'Networking' started by dohman2011, Dec 12, 2011.

Thread Status:
Not open for further replies.
  1. dohman2011

    dohman2011 Thread Starter

    Joined:
    Dec 12, 2011
    Messages:
    1
    Hi,

    I have a Juniper SSG140 firewall and have been tasked with setting up a DMZ for the purpose of allowing incoming internet traffic to access a web server.

    I have setup the web server in it's own VLAN on VMware which is connected directly to the default DMZ port on the firewall. The web server has the IP Address of 192.x.x.1 and the DMZ port on the firewall is set to 192.x.x.1.

    I have setup MIP (Mapped IP address) on the internet port so 80.x.x.x maps to 192.x.x.x.

    I have setup a Policy for untrust > DMZ to allow HTTP traffic through with source based translation for backwards communication (DMZ > Untrust).

    I have a problem:

    1) The DMZ web server fails to communicate with the internet, not sure what I should be setting the default gateway to?

    Thus causing failure in accessing the web server externally.

    Any help with this would be most appreciated.
     
  2. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    6,300
    I haven't played with the SSG as it run on ScreenOS because it's from Juniper's acquisition of NetScreen. It seems similar to the SRXs which run Junos. If it is similar in operation, you may have to set a interface rule/policy which is separate from the policies created for inter zone traffic.

    Have you looked at the documentation on Juniper's website:

    http://www.juniper.net/techpubs/en_...on-products/pathway-pages/screenos/index.html

    Also, do you have post sales support?
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1030869

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice