Hi, Hoping someone can point out my mistake here! I have SuSE 9.0 running with 3 NICS (eth0=internet, eth1=192.168.0.0/16, and eth2=10.62.56.0/24). Everything with the internet is working great. The problem is routing traffic between eth1 and eth2. I've set both networks as trusted, set FW_FORWARD, and enabled FW_ALLOW_CLASS_ROUTING. Nothing has seemed to work. Posted is also a copy of my /etc/sysconfig/SuSEfirewall2. I'd like to allow all traffic between these 2 networks. Any ideas? ------------------------------------------------------------------- FW_QUICKMODE="no" FW_DEV_EXT="eth0" FW_DEV_INT="eth1 eth2" FW_DEV_DMZ="" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_DEV="$FW_DEV_EXT" FW_MASQ_NETS="192.168.65.224/27 10.62.56.0/24 192.168.0.0/16,<mail server ip>/32 10.62.56.0/24,<mail server ip>/32" FW_PROTECT_FROM_INTERNAL="no" FW_AUTOPROTECT_SERVICES="yes" FW_SERVICES_EXT_TCP="http https ssh" FW_SERVICES_EXT_IP="" FW_SERVICES_DMZ_TCP="" FW_SERVICES_DMZ_IP="" FW_SERVICES_INT_TCP="" FW_SERVICES_INT_UDP="" FW_SERVICES_INT_IP="" FW_SERVICES_QUICK_TCP="" FW_SERVICES_QUICK_UDP="" FW_SERVICES_QUICK_IP="" FW_TRUSTED_NETS="192.168.0.0/16 10.62.56.0/24" FW_ALLOW_INCOMING_HIGHPORTS_TCP="no" FW_ALLOW_INCOMING_HIGHPORTS_UDP="DNS" FW_SERVICE_AUTODETECT="yes" FW_SERVICE_DNS="yes" FW_SERVICE_DHCLIENT="no" FW_SERVICE_DHCPD="yes" FW_SERVICE_SQUID="yes" FW_SERVICE_SAMBA="no" FW_FORWARD="192.168.0.0/16,10.62.56.0/24,tcp,1:65535 10.62.56.0/24,192.168.0.0/16,tcp,1:65535 \ 192.168.0.0/16,10.62.56.0/24,udp,1:65535 10.62.56.0/24,192.168.0.0/16,udp,1:65535 \ 192.168.0.0/16,10.62.56.0/24,icmp 10.62.56.0/24,192.168.0.0/16,icmp" FW_FORWARD_MASQ="0/0,192.168.65.227,tcp,5800 0/0,192.168.65.227,tcp,5900 \ 0/0,192.168.65.227,tcp,5632 0/0,192.168.65.227,udp,5632" FW_REDIRECT="" FW_LOG_DROP_CRIT="yes" FW_LOG_DROP_ALL="yes" # Jason Dobbs FW_LOG_ACCEPT_CRIT="yes" FW_LOG_ACCEPT_ALL="yes" # Jason Dobbs FW_LOG="--log-level warning --log-tcp-options --log-ip-option --log-prefix SuSE-FW" FW_KERNEL_SECURITY="yes" FW_STOP_KEEP_ROUTING_STATE="no" FW_ALLOW_PING_FW="yes" FW_ALLOW_PING_DMZ="no" FW_ALLOW_PING_EXT="no" FW_ALLOW_FW_TRACEROUTE="yes" FW_ALLOW_FW_SOURCEQUENCH="yes" FW_ALLOW_FW_BROADCAST="no" FW_IGNORE_FW_BROADCAST="yes" FW_ALLOW_CLASS_ROUTING="yes" FW_CUSTOMRULES="" FW_REJECT="no" FW_HTB_TUNE_DEV="" ----------------------------------------------------------------------------------- -- Thank You, Jason Dobbs . IT Manager Westin Casuarina Casino Las Vegas