Hi
Actually there is a default route on the Trust Vr is the Untrust Vr. I can ping the server from the public Internet, but the application itself uses https to access the server and I dont even see that https traffic when I check the security flow sessions on the firewall, only icmp traffic from the ping.
spuluka wrote:Since your traffic is coming in the untrust are you sure the return route from the trust vr to the accessing host is back to the untrust vr?
what is in the active route table for trust vr on the outside host
show route x.x.x.x table trust-vr.inet.0
This return path may go out to your default route and not back to the untrust-vr. If that is the case you can source nat the traffic inbound so it gets an interface address inside the untrust vr as the return path.