Hi,
after Googling half a day and not finding a solution, I'm sorry to post my question here, hoping for a solution.
I have a SSG5 with ScreenOS 6.3.
Setup is
Private network on 192.168.10.x/24 in bgroup0 on eth 0/3. 0/4, 0/5 and 0/6, zone Trust
Private network on 192.168.30.x/24 in bgroup1 on eth 0/1 and 0/2, zone DMZ
Internet access on 192.168.5.2 on eth0/0, zone Untrust.
Default route 0.0.0.0/0 to 192.168.5.1 (modem)
Policies:
Trust to Untrust: Any Any Any
DMZ to Untrust Any Any Any
Trust to DMZ Any Any Any
Interfaces are routed with NAT source translation in policies.
Trust to Untrust (internet access) is ok
DMZ to Untrust (internet) is ok
Connections from Trust to DMZ don't work (no pings, no rdp, ....).
Pretty sure it's in the routing, but I can't solve it.
Any help would be appreciated.
(I put eth0/1 and eth0/2 in a group (bgroup1) because I need to connect 2 devices and I don't want to install an extra switch).
Thanks for any tips.
Leo