Devon,
Is the 192.168.1.254 address changed for this email - is it publicly
accessible? If so, all you have to do on the untrusted side of the 5 (not
5XP), enable web/ telnet access.
If it is not, assign another private IP to the external IP in a MIP fashion.
Steve Clark
Clark Systems Support, LLC
AVIEN Charter Member
www.clarksupport.com
301-610-9584 voice
240-465-0323 Efax
-----Original Message-----
From: Devon True [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 19, 2001 8:32 PM
To: [EMAIL PROTECTED]
Subject: Netscreen 5: Access to System IP with NAT Mode from untrusted side
All:
We have a Netscreen 5 in NAT mode. The untrusted interface is 10.10.10.1
(changed to protect the innocent) and the trusted interface is
192.168.1.254. The system IP is also 192.168.1.254.
If I am on the trusted side, I can web/telnet to 192.168.1.254. However, if
I am on the untrusted side, I cannot browse to 192.168.1.254 due to it not
being in the routing table. I could go to any 10.10.10.0/24 addresses since
that is in the routing table.
Is it possible for me to map the 10.10.10.1 address to 192.168.1.254 so that
I can configure the Netscreen from the untrusted side? I have tried several
things, but everything fails.
Another question is, what are the constraints on the system IP address? Does
it have to exist in the trusted interface's IP network? Or can it be an IP
from the untrusted interface's network?
Thanks for your help!
Devon
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
