Hi,
I’m having issues with inbound email and inbound SIP calls for remote SRX firewall. Both email and sip work fine on local SRX firewall. Exchange 2010 and Skype for Business 2010 are the apps being used.
My current setup:
1) I have sip alg enabled on both SRX-340 firewalls.
2) 4 zones (trust, dmz, untrust and vpn), untrust used for static NAT and VPN zone used for passing traffic
3) static NAT is coming from untrust zone and vpn zone interfaces and host prefix IP is in dmz zone (this is Skype edge server)
4) proxy arp has been used from untrust interface to map untrust interface IPs
5) security policies have been used from untrust to trust zones using global address IPs
6) all routing is in 1 routing instance on both firewalls
Once I can get to a computer I will give more details on configs etc..
Can anyone shed any light on these issues? I’m migrating these firewalls from SSG-140s and I have the configs handy if needed (of course I’ll have to leave IPs off the public Internet due to security reasons).
Thanks,
Derek Hill
Sent from my iPhone