Hi, I'm currently using a SuSE 7.3( with Kernel 2.4) server with one NIC (eth0)[192.168.12.1]; The Server is using DSL (ppp0) with a modem attached to eth0 via a network switch. The DSL-Route is the default route to the internet. Additionally I need employees to dial in via ISDN (ippp0). Everything works ok so far. ;-) As soon as I switch on my SuSEfirewall2, the remote dialin person is restricted in TCP/IP Traffic to the dialin server (e.g. Ping is only successfull to the dialin-server, but not Successfull to any other host in the 192.168.12.0 network). I'm sorry - I really don't understand the misconfiguration here.... I thought, the masquerade settings are the most important here.... /etc/rc.config: Eth0: IFCONFIG_0="192.168.12.1 broadcast 192.168.12.255 netmask 255.255.255.0 up" Ippp0: IFCONFIG_1="192.168.12.97 pointopoint 192.168.12.1 up" Ppp0: IFCONFIG_2="192.168.0.99 broadcast 192.168.0.255 netmask 255.255.255.0 up" firewall2.config: FW_DEV_EXT="ppp0" FW_DEV_INT="eth0 ippp0" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_DEV="$FW_DEV_EXT" FW_MASQ_NETS="192.168.12.0/24 192.168.13.0/24 192.168.15.0/24" FW_PROTECT_FROM_INTERNAL="no" FW_ALLOW_PING_FW="yes" FW_ALLOW_PING_DMZ="no" FW_ALLOW_PING_EXT="yes" If there is a dialin connection to the server, the server reports the following: gitta:~ # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 199.5.98.33 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 192.168.15.0 0.0.0.0 255.255.255.0 U 0 0 0 ippp0 192.168.12.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.12.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 199.5.98.33 0.0.0.0 UG 0 0 0 ppp0 The assigned IP-Addresses during dialin via ISDN are: Dialin-Client: 192.168.15.33 Dialin-Server(ippp0): 192.168.12.97 Any hints? Thanks for your help Karlheinz