hello all, my problem is, that IP_FORWARDING(ROUTING) on the external firewall works only great, if the firewall is down ]-;. I can access all internet services from internal network without any proxy functionality. if i start the firewall, i always receive deny of ports messages in the log file. in my opinion it's a problem with unprivileged ports, but the settigs in the firewall.rc.config are switch on "yes" for unprivilegd ports. So the question is: how can i route the traffic to the Web-Server, Application-Server and Internal-Firewall on dedicated ports, if the firewall is up and blocks the the most ports except mail, www, domain and so on??? THANKS FOR HELP i've got the following configuration: |-----------------| | | | T-Interconnect | | Router | | | |-----------------| private network address | | | | Transfer-Network private address band (192.168.0.x) | | | |-----------------| private network address | External | | Firewall | | | | firewall/IP_FORW| |-----------------| official network address | | --------------------- | | | | | |-----------------| official network address | | example for | | | DMZ-Server | | | | | | Apache | | |-----------------| | | |-----------------| official network address | Internal | | Firewall | | | | firewall / masq | |-----------------| private network address | | | | | COMPANY LAN (Network with private address band (195.88.235.x)) Bernd Erk Information Systems Engineering Fon: + 049 9123 9772 13 Fax: + 049 9123 9772 22 Mobil: + 049 172 8289944 Mail: mailto:Bernd.Erk@ise-informatik.de ---------------------------------------------- Die Demokratie ist ein Verfahren, das garantiert, daß wir nicht besser regiert werden, als wir es verdienen. George Bernard Shaw (1856-1950)