I need to connect from one specific host to server inside my internal network. The internal network is 192.168.1.0/24 (192.168.1.1 is the server). The gateway is a linunx (Kernel 2.2.18)-Box. From the masqueraded Network I have full access to the outside world. So I set FW_FORWARD_TCP="w.x.y.z/32,192.168.1.1,22" and FW_FORWARD_MASQ_TCP="w.x.y.z/32,192.168.1.1,22" There is a host route to 192.168.1.1 set in w.x.y.z's routingtable. If I run: ssh 192.168.1.1 I get: Jul 5 12:29:53 mail kernel: Packet log: forward ACCEPT eth1 PROTO=6 \ w.x.y.z:1023 192.168.1.1:22 L=60 S=0x00 I=39225 F=0x4000 T=63 SYN (#4) in my gateways /var/log/messages . The is no entry in /var/log/messages on 192.168.1.1 and w.x.y.z is trying forever :( What's missing? Thanks in advance -- ------------------------------------------------------------------- bye bye (c) by Thom | Thorsten Marquardt | EMail: THOM@kaupp.chemie.uni-oldenburg.de | Member of the pzt project. | http://kaupp.chemie.uni-oldenburg.de/pzt -------------------------------------------------------------------