A company wants to use it's SuSE Linux PC to access the internet via an ADSL router but wants the clients PC not reacheable from outside. The firewall provides no services whatsoever from outside the local area network. To inside network it provides an dhcp server. Plus, they need to access Remote LAN Servers using Citrix, IKA and Oracle. Most of the clients (win 98) are unable to connect to internet and then switch to Citrix or whatever without rebooting. The picture: internet ¦ ¦ ppp0 10.17.4.1 ¦ ¦ SuSEfirewall2 (8.0) 10.17.4.2 ----------------------------- Remote Office ¦ VAX: 10.17.16.1 (local) ¦ GW1: 10.17.2.1 ¦ GW2: 10.1.2.1 ¦ GW3: 10.192.2.10 ¦ ¦ LAN (was 10.17.20.0) 192.168.0.0/24 By reasons that I ignore, the folks at other side complain, if LAN and the DSL's internal IP are in the same subnet (it masquerades the public IP). I configured the FW: FW_DEV_EXT="ppp0 eth0" FW_DEV_INT="eth1" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_NETS="192.168.0.0/24, 10.0.0.0/16 10.0.0.0/16, 192.168.0.1/24" FW_REDIRECT="192.168.0.0/24,10.17.2.1,tcp,611,611,192.168.0.0/24,10.17.2.1,udp,161,161, 192.168.0.0/24,10.17.16.1,tcp,23,23" What is wrong? Internet connection works fine, but none to the Remote Office. One more info: the gateways listed above are in a Cisco. I've listened some complains to connect SFW2 with a Cisco Router. Any help will be welcome! -- <<The Man, he is not...he Becomes.>> .-. e-SecureNet /v\ We Run SuSE Project Manager // \\ *The LINUX Experts* c/o Miguel Albuquerque /( )\ Av. Miremont 46 ^^-^^ 1202 - GE, SWITZERLAND Tel: +41 (22) 782 5344 Fax: +41 (22) 782 5348 mailto:mfoacs@e-securenet.ch http://www.e-securenet.ch _____________________________________________________________