Hi Mayur, Please find the answers below. Let me know if anything else required Q1)What are you seeing under traffic logs? It is matching security policy and NAT, also is traffic going on correct WAN interface? Ans i cannot see traffic logs. i think i requires license. There is single WAN interface which is connected to R2. Security policy and nat rule are in snap posted earlier. 2)Where both these subnet resides as DMZ subnet configured on firewall is 172.16.1.0/24 and below server IP belongs to different subnets? 172.16.1.2/24--R3 interface ip connected to PA , (172.16.16.16/32, 172.16.17.17/32---R3 loopback) . All are in same zone i.e DMZ 3)Do you have reverse routes on firewall for IPs 172.16.16.16&172.16.17.17 ?
... View more