I've put in a new SSG520 (6.3.0r11.0) and have some remote users connected via a Dialup VPN. There are several remote users who are configured to have a static IP address. Hosts within the Trust zone need to be able to initiate connections with these remote connected hosts. While the remotely connected hosts have no problem communicating with the Trust zone, the hosts within the Trust zone cannot initiate a connection with the remote connected systems.
If you need portions of the config just let me know what you're interested in as I'd rather not dump the whole config in this initial post. As far as I know this might just be some limitation with SSG. With regards to policy, currently I've added and any any rule for a host within the Trust zone to the dialup user zone so policy shouldn't be blocking.
Any help or advice would be appreciated!