I'm in the process of building a test environment/network.  The 2 networks each with Juniper Netscreen firewalls (5GT and 5XT) have to be able to route to each other becuase of certain firewall policies we may have to enable on demand.  Currently, our production Netscreen Firewall (5GT) is set to NAT mode with 3 interfaces enabled (trust, untrust, and dmz).  Our test firewall is also configured for NAT and has 2 interface set up (trust and untrust).  The untrust interface points of the test firewall points to the trusted interface of the production firewall.  

My problems is routing between the 2 networks.  When I have a machine connected directly to one of the trusted port of the 5XT (Test), the test machine can route to the production network fine.  I can not add a static route from my production network to test in this scenario becuase the trusted interface is not connected to the production network.   Is it possible to have the firewall route to the untrusted interface of the 5XT and from there route to the trsted?  If I have the firewall, both untrust and trust ports plugged into our switch, it bombs and no routing occurs.

I'm probablly confusing the hell out of everyone... attached is a diagram which may help.

Thanks for your help in advance,
Henry
diagram.JPG