Firewall 2 blocking internal access to Web site
I'm submitting this problem again since it still persists. I have installed Suse 7.3 and set up SuseFirewall2. With one exception everything works well.

I have a small network of three Windows machines connected to a Suse 7.3 Linux server that is connected to an ADSL modem through a network card. I have one public IP number for one card (eth0) that's connected to the ADSL modem, and for the internal network (eth1) I have the number 192.168.1.1. Masquerading from inside to the outside works fine, but when I try to connect to my external IP from inside I get blocked and the console on the server shows the following message.

SuSE-FW-ACCESS_DENIED_FOR_INTIN=eth1 OUT= MAC=00:01:02:24:4d:23:00:60:08:c3:6e:a2:08:00 SRC=192.168.1.2 DST=194.236.28.27 LEN=48 TOS=0x08 PREC=0x00 TTL=64 ID=65293 PROTO=TCP SPT=1148 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402)

I have a DNS on the server but I don't think that it is the problem. If I try to connect to 194.236.28.27 directly I get blocked in the same manner. When using www.softwave.se the message in the console says that it's blocking 194.236.28.27, so the DNS works and supplies the number that then gets blocked. I have upgraded to the latest Firewall2 script but I noticed no difference.

The DNS works for all other numbers (I can get to all pages on the net except my own), and if I type http://192.168.1.1 in the browser it works, whereas http://194.234.28.27 doesn't. So how could it be the DNS? I am no expert on this so I could be missing something.

What do I need to change in my configuration to allow me to get to my own IP number from the inside? Here is my current configuration.

FW_DEV_EXT="eth0"
FW_DEV_INT="eth1"
FW_DEV_DMZ=""
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_MASQ_DEV="$FW_DEV_EXT"
FW_MASQ_NETS="192.168.1.0/24"
FW_PROTECT_FROM_INTERNAL="no"
FW_AUTOPROTECT_SERVICES="yes"
FW_SERVICES_EXT_TCP="smtp pop3 imap ftp ftp-data www ssh domain"
FW_SERVICES_EXT_UDP="domain" # Common: domain
FW_SERVICES_EXT_IP=""
FW_SERVICES_DMZ_TCP=""
FW_SERVICES_DMZ_UDP=""
FW_SERVICES_DMZ_IP=""
FW_SERVICES_INT_TCP="smtp pop3 imap ftp ftp-data www ssh domain"
FW_SERVICES_INT_UDP="domain"
FW_SERVICES_INT_IP=""
FW_TRUSTED_NETS="192.168.1.0/24"
FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes"
FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes"
FW_SERVICE_AUTODETECT="yes" # Autodetect the services below when starting
FW_SERVICE_DNS="yes"
FW_SERVICE_DHCLIENT="no"
FW_SERVICE_DHCPD="yes"
FW_SERVICE_SQUID="no"
FW_SERVICE_SAMBA="yes"
FW_FORWARD="" # Beware to use this!
FW_FORWARD_MASQ="" # Beware to use this!
FW_REDIRECT="192.168.1.0/24,0/0,udp,53,53"
FW_LOG_DROP_CRIT="yes"
FW_LOG_DROP_ALL="no"
FW_LOG_ACCEPT_CRIT="yes"
FW_LOG_ACCEPT_ALL="no"
FW_LOG="--log-level warning --log-tcp-options --log-ip-option --log-prefix SuSE-FW"
FW_KERNEL_SECURITY="no"
FW_STOP_KEEP_ROUTING_STATE="no"
FW_ALLOW_PING_FW="yes"
FW_ALLOW_PING_DMZ="yes"
FW_ALLOW_PING_EXT="no"
FW_ALLOW_FW_TRACEROUTE="yes"
FW_ALLOW_FW_SOURCEQUENCH="yes"
FW_ALLOW_FW_BROADCAST="no"
FW_IGNORE_FW_BROADCAST="yes"
FW_ALLOW_CLASS_ROUTING="no"

Bo Jangeborg
Softwave
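
Added example, not part of the original post: a Python sketch that parses the denied-packet line quoted above into its fields, decodes the hex blob that `--log-tcp-options` appends, and checks whether the entry is an internal client addressing the firewall's own external IP. The function names are hypothetical; the interface name and addresses are the ones given in the post.

```python
import re

# Log line as quoted in the post (the log prefix and "IN=" run together there).
SAMPLE = ("SuSE-FW-ACCESS_DENIED_FOR_INTIN=eth1 OUT= "
          "MAC=00:01:02:24:4d:23:00:60:08:c3:6e:a2:08:00 SRC=192.168.1.2 "
          "DST=194.236.28.27 LEN=48 TOS=0x08 PREC=0x00 TTL=64 ID=65293 "
          "PROTO=TCP SPT=1148 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 "
          "OPT (020405B401010402)")

FIELD_RE = re.compile(r"(IN|OUT|MAC|SRC|DST|LEN|TOS|PREC|TTL|ID|PROTO|SPT|DPT|"
                      r"WINDOW|RES|URGP)=(\S*)")
OPT_RE = re.compile(r"OPT \(([0-9A-Fa-f]+)\)")
TCP_OPT_NAMES = {2: "mss", 3: "wscale", 4: "sack_permitted", 8: "timestamps"}

def decode_tcp_options(hex_blob):
    """Walk the kind/length/value list that --log-tcp-options dumps as hex."""
    raw, out, i = bytes.fromhex(hex_blob), [], 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:                      # end of option list
            break
        if kind == 1:                      # NOP padding, a single byte
            i += 1
            continue
        if i + 1 >= len(raw) or raw[i + 1] < 2 or i + raw[i + 1] > len(raw):
            out.append(("malformed", raw[i:].hex()))
            break
        length = raw[i + 1]
        value = raw[i + 2:i + length]
        name = TCP_OPT_NAMES.get(kind, "kind_%d" % kind)
        out.append((name, int.from_bytes(value, "big") if value else None))
        i += length
    return out

def parse_fw_log(line):
    fields = dict(FIELD_RE.findall(line))
    fields["FLAGS"] = [f for f in ("SYN", "ACK", "FIN", "RST", "PSH", "URG")
                       if re.search(r"\b%s\b" % f, line)]
    m = OPT_RE.search(line)
    fields["TCP_OPTS"] = decode_tcp_options(m.group(1)) if m else []
    # IN and OUT are both set only in the forwarding path; an empty OUT=
    # means the packet was logged on the input side of the firewall host.
    fields["FORWARD_PATH"] = bool(fields.get("IN")) and bool(fields.get("OUT"))
    return fields

def hits_own_external_ip(fields, int_dev="eth1", ext_ip="194.236.28.27"):
    # Defaults are FW_DEV_INT and the DST address from the post.
    return (fields.get("IN") == int_dev and fields.get("DST") == ext_ip
            and not fields["FORWARD_PATH"])
```

On the quoted line this yields a SYN to port 80 arriving on eth1 with an MSS of 1460 and SACK permitted, logged on the input side rather than as a forwarded (masqueraded) packet.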