Could anyone point me to the doc showing how to deploy using a one-armed strategy. (sslvpn using just a single interface in a dmz)
i have deployed SA with singel Interface in DMZ, i don't have any docuementation but i can help you how you can deploy it, it's very easy, you just configure your default route to your gateway, and use only Internal Port
Internal Port : 192.168.3.3/255.255.255.0
defaut route 0.0.0.0 0.0.0.0 192.168.3.1
in my example i used all Juniper's product SA and Firewall Netscreen
after create DMZ "Zone in Netscreen Firewall and configure interface or subinterface with Tag "Vlan" you put the SA witin Zone, for SA to be reachebel i created VIP from Public ip to SA ip "NAT dst".
after that i created policy rules on the firewall for diferente destination nedded
i hope this help you, you can find on attachemet schama