Can I allow traffic from an inside network host to a DMZ host on my PIX 515 using 6.3(5)?
Posted on 2006-11-10
I have a server sitting on a DMZ network, 192.168.10.2, which has a NATed address and is available to the outside/internet. However, I'd like to be able to get to it from my computer on the internal network, but I can't so far. I need to open TCP port 3389 for terminal services access, and was going to add ICMP while I was at it so I can ping the server. Neither works, however - the DMZ interface is security10, while the internal interface is security100, and the external interface to the internet is security100. I used conduit statements like 'conduit permit tcp host 192.168.10.2 eq 3389 host (my IP address on the internal network)', which didn't work, so I then tried 'conduit permit tcp host (my IP address on the internal network) eq 3389 192.168.10.2', which didn't work either.
Any suggestions how I can do this? Thanks in advance!