I have a SUSE 8.0 pro box running SUSEfirewall2 and need to get 5 internet IPs into the DMZ/INT lan to a web server to host 5 different sites. I want the 5 ext ip's to each go to the 5 internal bindings on the internal server. Each ext ip is a internet address with a domain name. Is this config the only way to do this or should the setup be somewhere else, I currently am using a watchguard firebox for this but we want to upgrade. Eg: 123.123.123.173=>192.168.1.188 123.123.123.174=>192.168.1.189 123.123.123.175=>192.168.1.190 123.123.123.176=>192.168.1.191 123.123.123.177=>192.168.1.192 all on port 80 Internal access to the web is not needed after the wall is ready. Is there any more detail I need to know. I am considering 8.1 or the Ent edition if it will do the job. ==susefirewall2 contents== FW_DEV_EXT="eth0" FW_DEV_INT="eth1" FW_DEV_DMZ="" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_DEV="$FW_DEV_EXT" FW_MASQ_NETS="0/0" FW_PROTECT_FROM_INTERNAL="no" FW_AUTOPROTECT_SERVICES="yes" FW_TRUSTED_NETS="192.168.2.0/0,icmp" FW_SERVICES_EXT_TCP="" FW_SERVICES_EXT_UDP="" FW_SERVICES_EXT_IP="" FW_SERVICES_DMZ_TCP="" FW_SERVICES_DMZ_UDP="" FW_SERVICES_DMZ_IP="" FW_SERVICES_INT_TCP="" FW_SERVICES_INT_UDP="" FW_SERVICES_INT_IP="" FW_ALLOW_INCOMING_HIGHPORTS_TCP="no" FW_ALLOW_INCOMING_HIGHPORTS_UDP="DNS" FW_SERVICE_DNS="no" FW_SERVICE_AUTODETECT="yes" FW_SERVICE_DHCLIENT="no" FW_SERVICE_DHCPD="no" FW_SERVICE_SQUID="no" FW_SERVICE_SAMBA="no" FW_FORWARD="" FW_FORWARD_MASQ="A.B.C.173/0,192.168.2.188,tcp,80 A.B.C.174/0,192.168.2.189,tcp,80" FW_REDIRECT="" FW_LOG_DROP_CRIT="yes" FW_LOG_DROP_ALL="no" FW_LOG_ACCEPT_CRIT="yes" FW_LOG_ACCEPT_ALL="no" FW_LOG="--log-level warning --log-tcp-options --log-ip-option --log-prefix SuSE-FW" FW_KERNEL_SECURITY="yes" FW_STOP_KEEP_ROUTING_STATE="no" FW_ALLOW_PING_FW="yes" FW_ALLOW_PING_DMZ="no" FW_ALLOW_PING_EXT="no" FW_ALLOW_FW_TRACEROUTE="yes" FW_ALLOW_FW_SOURCEQUENCH="yes" FW_ALLOW_FW_BROADCAST="no" FW_IGNORE_FW_BROADCAST="yes" FW_ALLOW_CLASS_ROUTING="no" ======<-0-0->====== Mike Sampson Systems Administrator Pearson Peacekeeping Centre Tel. 902.638.8611 x188 Fax. 902.638.3310 http://www.peaceoperations.org