Hello all, I am attempting to deploy the following firewall:: eth0-external interface to Cisco IP 1.2.3.62 Mask 255.255.255.248 eth1-DMZ interface IP 10.0.0.1 Mask 255.255.255.0 eth2-internal interface to 192.168.1.0/24. IP 192.168.1.1 Mask 255.255.255.0 The dmz interface has a private IP, but is connected to a switch with my web and mail servers on it, complete with public IP's. I cannot spare two public IP's for the firewall box alone. I have connected a web server to this interface but it is unreachable with ICMP, web requests, etc. I suspect that my routing configuration is incorrect. Despite what I thought was a basic understanding of subnetting and static routing in general, I cannot achieve the proper config!!! Anyone see my errors?? Thanks, Gabriel Rivera -------------------------------------- Output of route -n on firewall: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 1.2.3.46 0.0.0.0 255.255.255.255 UH 0 0 0 eth1 1.2.3.45 0.0.0.0 255.255.255.255 UH 0 0 0 eth1 1.2.3.44 0.0.0.0 255.255.255.255 UH 0 0 0 eth1 1.2.3.43 0.0.0.0 255.255.255.255 UH 0 0 0 eth1 1.2.3.41 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 1.2.3.40 0.0.0.0 255.255.255.248 U 0 0 eth0 10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 eth1 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 eth2 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 1.2.3.41 0.0.0.0 UG 0 0 0 eth0 route.conf from firewall: default 1.2.3.41 1.2.3.41 0.0.0.0 255.255.255.255 eth0 1.2.3.43 0.0.0.0 255.255.255.255 eth1 1.2.3.44 0.0.0.0 255.255.255.255 eth1 1.2.3.45 0.0.0.0 255.255.255.255 eth1 1.2.3.46 0.0.0.0 255.255.255.255 eth1 192.168.1.0 0.0.0.0 255.255.255.0 eth2 Output of route -n on webserver: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.0.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 1.2.3.4.0 0.0.0.0 255.255.255.248 U 0 0 0 eth0 route.conf from webserver: default 10.0.0.1 10.0.0.1 0.0.0.0 255.255.255.255 eth0