I am moving a Mailserver from the internal network to the DMZ. This move should be invisible for the enduser. Lat but not least: Some hundred mail clients are configured to consult an IP, not a name: I can't solve the issue by configuring my DNS server. This is my configuration: 200.x.x.x (public IP) | SuSEfirewall-192.168.254.1--------192.168.254.2 MailServer | 192.168.0.249 | internal network I have to access the mailserver by an IP in the 192.168.0.0/24 range. External traffic I can easily redirect with FW_FORWARD_MASQ= to an IP in the DMZ. Internal traffic I can redirect to a local port on the firewall with FW_REDIRECT. Is it possible to redirect all traffic coming on the internal interface for 192.168.0.249 to 192.168.254.2 ? Any Custom rule? I was googling quite a while to, didn't find any rule doing a forward on the internal interface. Any idea is appreciated! Thanks Enrique -- Dirk Enrique Seiffert - Lintec S.A. Ed. Torre del Reloj - Of. 401 Plaza de los Coches, Centro Cartagena - Colombia http://www.lintecsa.com -- Este mensaje ha sido analizado por MailScanner en busca de viruses y otros contenidos peligrosos, y se considera que est limpio.