I have public IPs set up as MIPs to private IPs on the untrust interface. I have combed through all the policies and everything is set to any <--> any. However, I can not reach any of the MIPs from the servers being MIP'ed. The servers can browse any other site on the internet except sites hosted on the MIP'ed subet.
Nothing in the policies strike me as anything that would block the servers from browsing their own MIP'ed IPs.
Does anyone recognize the situation where a MIP can not access a MIP on a netscreen 500, but any other host on the internet can access the MIP and the MIP can access any other host on the internet.