Hi,
 
We have have an MX95 with few services behind.
 
To publish these services we create a NAT 1:1 and allow inbound rules.
Then on the top of that we also have an outbound rule that allow any protocols from any ip to any.
 
My issue is : The published services works fine as incoming traffic is match by inbound rules, but when we try access outside resources from the server that hold the services, it does not work unless we had an inbound rule that allow incoming from any ip and from any port.
 
so it seems that firewall does not care of established sessions from the inside or return traffic.
I thought that MX95 as stateful firewall handle these kind of thing by default.
 
What could be the issue ?
 
Thanks by advance for any help.
 
FB.