Netscreen 25 Route Based VPN problem
Here is my scenario: Netscreen A has internal IP address 192.168.1.1 (eth1 trust-vr) and external IP address of 5.5.5.5 (eth3 untrust-vr). Netscreen B is similar and it has internal IP address of 192.168.20.1 and an external IP of 10.10.10.10. I used the wizard to set up a route based VPN on both machines, reversing the IPs where needed. The wizard correctly created the policies, which appear to be working fine. Here is my problem: from the .20 network (behind Netscreen B) I can ping the .1 network (behind NS A), however I can't ping from the .1 network to the .20 network. The packets go out the trust-untrust policy but I see no return packets. Is there an easy way to check on NS A to see if the packets made it there and came through the tunnel? Anyone have ideas what might be wrong?