Hi All,
I have a Netscreen 140 active-slave setup. I am able to ping both firewall management IP addresses from each other and the internal switches and other devices.
We have a site-to-site VPN with another vendor, from where they are unable to ping/ssh/anything to the slave firewall. When they access any of our internal devices, then from there everything is working fine.
After troubleshooting, I found the following: when they tried to access the slave device, I turned on the debug and analysed get db stream and get event. This showed that there is an IP spoof log generated for each connection request.
When the remote PC starts a ping, the SSG will record the IP as 171.7x.13x.30.
routes:-
---------
set route 171.7x.13x.0/24 gateway 172.23.25.10
set route 171.7x.13x.128/25 interface tunnel.3
set route 171.7x.13x.0/24 interface tunnel.3 preference 5 description "newtun"
Could someone assist me with how to fix this?
Attached is part of the debug and get event logs.
Regards,
Rajesh