Hello,
I am having some difficulties with our newly set up firewall. We have two zones configured: Untrust, facing our external network, and Trust, facing our LAN. For this setup we want to allow our LAN to reach the external network (192.2.3.0/24). I have configured two policies, one in each direction between the zones, both permitting ANY, ANY, and set the default gateway on the SSG140 to the next hop towards the external router, but I am still unable to reach the external network from our "Trust" LAN. I am not sure what I have missed. Attached is the SSG140 config. I would appreciate it if someone could help me with this. Thanks.
SSG140
set zone "Trust" vrouter "trust-vr"
set zone "Untrust" vrouter "trust-vr"
set interface "ethernet0/0" zone "Untrust"
set interface "ethernet0/2" zone "Trust"
set interface ethernet0/0 ip 10.151.1.252/24
set interface ethernet0/0 route
unset interface vlan1 ip
set interface ethernet0/2 ip 100.100.2.1/24
set interface ethernet0/2 nat
set address "Trust" "10.10.1.0/24" 10.10.1.0 255.255.255.0
set address "Untrust" "10.151.1.0/24" 10.151.1.0 255.255.255.0
set vrouter "untrust-vr"
exit
set vrouter "trust-vr"
exit
set url protocol websense
exit
set policy id 1 from "Trust" to "Untrust" "Any" "Any" "ANY" permit log
set policy id 1
exit
set policy id 2 from "Untrust" to "Trust" "Any" "Any" "ANY" permit log
set policy id 2
exit
set route 0.0.0.0/0 gateway 10.151.1.251