We have a DIP set up as such:
set interface "ethernet1/2" zone "Untrust"
set interface ethernet1/2 ip x.x.x.1/24
set interface ethernet1/2 route
set interface ethernet1/2 manage ping
set interface ethernet1/2 dip 18 x.x.x.3 x.x.x.3
We then have a policy allowing traffic outbound via this DIP:
set policy id 30 from "Production" to "Untrust" "10.0.0.0/24" "Any" "HTTP"
nat src dip-id 18 permit
set policy id 30
exit
This works perfectly for outbound traffic. However, for troubleshooting
purposes, we would like the outside world to be able to ping the DIP (ie,
x.x.x.3). Is there any easy (or hard) way to do this? Turning on 'manage
ping' for the "parent" interface seems to have no impact on the DIPs.
Thank you.
- Jason Parsons
_______________________________________________
nn mailing list
nn@...
http://qorbit.net/mailman/listinfo/nn
