On Mon, 2003-11-10 at 08:26, Antony Stone wrote: > > I assumed (maybe wrongly?) that because Lohan specified an internal IP > address, the access was required from the internal network. Obviously Lohan needs to be the one to clarify, but I think your right. Going back through the thread, it looks like the access is internal to internal, with forwarding to an external. Of course this is still going to give him trouble if 10.10.10.41 is part of the local subnet. Systems are going to ARP for this IP, not send the traffic to their default gateway. You might be able to use publish ARP on the internal interface of the firewall, but that assumes a flat subnet and starts to get real messy. Thanks for the clarification, C
