One solution is to have split DNS. The inside DNS points www to the inside address (i.e. 192.168.x.x) while the outside (public) DNS points to the public IP address. -GS -----Original Message----- From: Andrés Tarallo [mailto:atarallo@acm.org] Sent: Thursday, October 09, 2003 10:55 AM To: suse-security@suse.com Subject: [suse-security] Problems with SuSEFirewall Hi !!! I have a problem with a firewall I've configured with SuSEFirewall2 and SuSE Linux 8.2. My firewall has a public IP address, and a private IP for a LAN. In the LAN I have a WWW server and a email server. People who want to check their mail from the Internet just connect to the public IP in the firewall and I have set there rules to redirect the trafic to the mail server and WWW server in the LAN. This works fine, also the people in the lan browse the internet via a transparent proxy. My problem starts because the people on the private LAN want's to access the WWW server from the lan, in the same manner they do from the Internet. When they point their browser to http://www.company.com they get a error message from squid that says that the conection was refused. If i ping the WWW server from the LAN by it's name i get no answer. This problems is driving me mad, I don't know what to do. Thanks in advance for your advice. Andrés This electronic message transmission is a PRIVATE communication which contains information which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. Please notify the sender of the delivery error by replying to this message, or notify us by telephone (877-633-2436, ext. 0), and then delete it from your system.