[VPN] Help

Exo Wa exo_wa at yahoo.com
Thu Mar 13 04:17:35 EST 2003


Hi, 
I am from a Desktop support environment now been
assigned to setup firewall and vpn using netscreen 25
Technically, I am very new to networking and
especially brand new to NetScreen 25 product.

I am working for a small company which has 25
employees total and about 20 servers

Unfortunately, to cut cost, my boss didn't buy Tech
Support.  NetScreen one year email support is very
very slow in response. I am frustrated...so i came
across your site via google.

Basically, NS-25 has three Ethernet ports. I am using 

Eth3(configured as Untrust, Route) to go out to the
Internet via our existing Cisco Router. 

Eth2 (DMZ,Route)will be used to host all the 20
servers with the public IPs that we have. Since, Eth2
cannot be assigned IPs of the same subnet as Eth3,
it's been suggested that we use private IP and MIP to
the public ones. 

Eth1(Trust, NAT) will be used for our private network
(192.x.x.x).

So far, i can ping to the Internet from both networks
(behind eth1 and eth2)but i cannot ping Eth1 from Eth2
or vice versa.

Questions:
1) How can i configure Eth1(Trust) and Eth2(DMZ) so
that the two can see each other. 

2) My WebServer is bound to a private IP 192.168.1.20
and MIPped to one of our public IPs but could NOT hit
the server from the outside. What did I do wrong? Or,
what else should i configure?


Any help on this would greatly appreciated.

Thanks for your help in advance.

-Exo


__________________________________________________
Do you Yahoo!?
Yahoo! Web Hosting - establish your business online
http://webhosting.yahoo.com



More information about the VPN mailing list