Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 12 replies
  • Subscribers 2 subscribers
  • Views 43481 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DMZ to Internal

WA@Deluxe

Hi

Have been trying to get some of our DMZ servers to work with the UTM for services etc WEB proxy NTP with no luck


UTM has ..

Internal interface

External Interface

DMZ interface

and all sit behind a Juniper

DMZ hosts have access to Internal address of UTM but nothing works


FW log shows

2015:11:18-12:02:42 viper ulogd[3556]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth2" mark="0x315d" app="349" srcmac="58:8d:09:xx:xx:xx" dstmac="00:1e:0b:xx:xx:xx" srcip="193.xxx.xxx.xxx" dstip="10.8.xx.xx" proto="17" length="76" tos="0x00" prec="0xc0" ttl="62" srcport="123" dstport="123"

Cant think what i have missed or will it just not work ?



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to /dev/nul
    Thanks That does not work... i will explain a bit further i think my setup is a bit iffy
    UTM
    external : 192.150.x.x
    Internal: 10.8.x.x
    DMZ: 193.X.x.x

    The host that is trying to get NTP and 8080 to the UTM is on 193..x.x.x same subnet as DMZ
    so 193.x.x.x >>>> 10.8..x.x 8080 and NTP

    Does that help a bit ?
  • 0 in reply to WA@Deluxe
    "The host that is trying to get NTP and 8080 to the UTM is on 193..x.x.x same subnet as DMZ
    so 193.x.x.x >>>> 10.8..x.x 8080 and NTP"

    Sorry, I can't parse that. Can you show a simple diagram?

    Cheers - Bob
  • 0 in reply to WA@Deluxe
    O_o I'm realy confused... Bob is right I think we'll need any kind of diagram to understand the config.

    Am I right?
    - External address is connected 2 Juniper
    - UTM ist connected 2 Juniper
    - UTM got a private IP on the external interface
    - Juniper forwards some Ports (maybe all) 2 the private IP of the UTM

    But where is the DMZ located?
  • 0 in reply to /dev/nul

    So am i :)

    Answers to your questions all Yes

    have done a hand diagram attached hope that helps

    My guess is that i need to apply a public ip to the External interface on the UTM ?

    Sorry for the orientation