[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

NetScreen 5GT MIPs Shutdown Internet Access!!

Posted on 2004-09-16
2
Medium Priority
?
483 Views
Last Modified: 2008-01-09
Hi guys! Ive setup my netscreen 5gt in a dualt untrust mode (but I only have my wireless T1 line plugged in) and I have a /28 Ip Range.  I wanted to give specific computer a permanent IP (My webserver) and also allow access to that server from the outside. Here is how I have it setup:
Webserver:
x.x.15.212 (mapped ip using mask 255.255.255.255) => 192.168.0.11 (using the trust-vr routing) Policies: Allow Any ICMP, DNS, HTTP, HTTPS
Test Computer:
 x.x.15.213 (mapped ip using mask 255.255.255.255) => 192.168.0.12 (using the trust-vr routing) Policies: Allow Any

The webserver works beautifully, but whenever I map anything else using similar policy configurations they all of a sudden do not have internet access any more. They can still go around the local area network, but they do not have any access throught the firewall. Thought if there is no MIP to that specific private IP the person has internet access, but cannot get people to go to that server. I have also tried just using policies with the Advanced setup to have all IPs sent to x.x.15.213 to be translated by NAT to 192.168.0.12.  I use a /16 private IP space and all my computers with DHCP can get to the Internet fine. This is my first time dealing with the netscreen, and I have no idea why multiple MIPs will not work. Everything looks like it should. Please help!!
0
Comment
Question by:cohortq
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 1

Author Comment

by:cohortq
ID: 12115067
I have found the answer!! I was reassigning IPs that were in use prior to me mapping them. They would not work because the ARP cache of the Router and netscreen still showed them mapped to a specified adapter.  By clearing the ARP cache of both the perimeter router and the netscreen I was able to get these mapped IPs to work. YAY!!
0
 

Accepted Solution

by:
PAQ_Man earned 0 total points
ID: 13570896
Question Closed, 500 points refunded.
PAQ_Man
Community Support Moderator
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question