SSG5 Static Routes
jimmy last edited by
This is my Lab Scenario Site-A and Site-B both has SSG5 firewalls and their respective Lans.
bgroup0(e0/2-e0/6) (172.16.0.1/23) trust-lan
e0/0 (192.168.1.100/24) Untrust
Tunnel.1 192.168.2.9/30 trust
bgroup0(e0/2-e0/6) (192.168.3.1/26) trust-lan
e0/0 (192.168.1.200/24) untrust
Tunnel.1 192.168.2.10/30 trust
i have created Static Route on Site A set route 192.168.1.0/24 e0/0 192.168.1.200
set route 192.168.3.0/26 Tunnel.1 192.168.2.10
set route 192.168.2.0/30 Tunnel.1 192.168.2.10
i have created Static Route on Site B set route 192.168.1.0/24 e0/0 192.168.1.100
set route 192.168.3.0/26 Tunnel.1 192.168.2.9
set route 192.168.2.0/30 Tunnel.1 192.168.2.9
Am not able to ping Lan-B from (Firewall A or Lan A) and vice Versa.
Am able to ping Untrust on either sides from firewalls.
am able to ping Tunnel interfaces from FirewallA,B but not from LanA, LanB
what policy need to be created so that i can ping Lan B from Lan A and vice versa?
I have used Tunnel Interfaces as gateways for creating static routes is that correct?
echo last edited by
You need to add at least Untrust->Trust policies in both sides to get visibility in both directions.