SSG140 Different Interface Routing and VLANs

  • Hello,

    I have had a couple of SSG140’s running 6.2.0r8.0 for a couple of years in a simple configuration, however I need to change this.  I am not a CLI guru at all and manage to do everything I need to via the WebGUI, so help using this method would be preferable if at all possible, thank you.  Any help from experts would be appreciated.  I am sure that what I want to accomplish is not that difficult, however I have not managed to do it successfully myself.  The example of what I want to do follows, with changed IP Addresses.  This is working from a completely factory reset SSG140 to make it easier.

    Our data center provider has installed a router and it has 2 interfaces.  Interface 1 is for general internet access, setting this up is simple and it works fine.  Interface 2 is for accessing servers at their data center, this is what I am battling with.

    ethernet0/0 - trust -
    ethernet0/2 - untrust -

    The above works for internet access with the additional minimal configuration that was required.

    I have been told by the data centre IT to connect the second cable, from their router interface 2 to a spare port on the SSG, which I have done to ethernet0/4.

    Their brief instructions:

    • To access the internet (this I have done, except for the VLAN 200 part which I am not sure if I have to do or not?)

    • Set up SSG ethernet0/2 as a routed port with (VIP)

    • Use VLAN number 200

    • Default route to

    • To access the data center (this I am battling with?)

    • Set up SSG ethernet0/4 as an internal VLAN access port

    • Ethernet0/0 and ethernet0/4 to be in the same VLAN (Trust) segment

    • Use VLAN number 100

    • VLAN interface 192.168.100.x (x = an unused IP address)

    • Add static route to data center

    • Routing to data center next hop from SSG gateway