hi jeff and tanx for answering :) i'm sure i have ip forward enabled, since gateway 2 is working fine and routing packets ok through the lan and to gateway 1. if it happened not to have ip forward enabled in gateway 2 i could never do masquerading from gateway 2 to gateway 1 :) isn't that so? :) i think this might be a matter of finding out some bind tricks to get this over with... i just wanted to be sure input and output to drop would not have anything to do with dhcrelay :)) i'm gonna test it with no firewalling at all to see what happens ;)) [][] unix is user friendly. it's just selective when choosing friends. ------------------------------------------------- Email Enviado utilizando o serviço MegaMail
