Guys I have a Netscreen 5xp and I like to think I know what I am doing with it (but you can be the judge of that). I have 3 boxes NAT'd behind the NS. One does mail, one web and one I use for VPN to my corporate LAN. I have VIPs for the web and mail but for the life of me I can't figure out how to pass VPN through for the 3rd. NS support says I must use MIPs but then I can't host my web or mail like I currently am (I only have one public IP). I set up a rule/VIP to forward Protocols 50 and 51 and UDP 500 like I am supposed to but it won't go. Linksys and other cheaper vendors make a simple button that opens the rule, but NS support says a VIP only supports 16 ports and not the whole range (0-65535) that I need for 2 protocols (ESP and AH). What in the heck can I do? Get another public and MIP it? Put a hub upstream of the 5xp and hang off that? Thanks, . . .
Nick, CISSP
Nick, CISSP