OK dumb questions

Hello,

	I have a firewall setup with the default policy to block.

I have a DNAT rule to DNAT incoming connections to an internal IP.
I then have an EXT to INT forward rule for port 80 - state NEW
I then have an EXT to INT forward rule for ESTABLISHED connections
I then have an INT to EXT forward rule for ESTABLISHED connections

This is working great, the problem ...

I am not able to get this machine to make an outbound connection :(

I tried enabling logging and nothing ... it is NOT until I change the default policy to ACCEPT that I can make an outbound connection.

The only difference in the log files is that with the default set to ACCEPT it makes it to the NATPOST target ...

The NAT tables have a default of ACCEPT from the beginning


-- 
Michael Gale
Network Administrator
Utilitran Corporation
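
A small model of the rule set as listed in the post, added here as an example and not part of the original message: it applies first-match evaluation to the three forward rules to show which packets match a rule and which fall through to the default policy. The zone labels, rule names, the `DROP` policy value, and the reading of "NATPOST" as a log entry from the nat POSTROUTING stage are assumptions.

```python
# Constructed model of the forward rules described in the post (not real iptables).
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    in_zone: str                  # side the packet arrived on: "EXT" or "INT"
    out_zone: str                 # side it is routed to
    state: str                    # conntrack state: "NEW" or "ESTABLISHED"
    dport: Optional[int] = None


@dataclass(frozen=True)
class Rule:
    name: str                     # hypothetical label, for reporting only
    in_zone: str
    out_zone: str
    state: str
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (p.in_zone == self.in_zone and p.out_zone == self.out_zone
                and p.state == self.state
                and (self.dport is None or p.dport == self.dport))


# The three forward rules from the post, in the order listed.
FORWARD_RULES = [
    Rule("ext-int-new-80", "EXT", "INT", "NEW", 80),
    Rule("ext-int-established", "EXT", "INT", "ESTABLISHED"),
    Rule("int-ext-established", "INT", "EXT", "ESTABLISHED"),
]


def forward_verdict(p, rules=FORWARD_RULES, policy="DROP"):
    """First matching rule accepts; with no match the chain policy decides."""
    for r in rules:
        if r.matches(p):
            return ("ACCEPT", r.name)
    return (policy, "policy")


def reaches_postrouting(p, policy="DROP"):
    # A forwarded packet only gets to POSTROUTING if FORWARD accepted it.
    return forward_verdict(p, policy=policy)[0] == "ACCEPT"


if __name__ == "__main__":
    first_outbound = Packet("INT", "EXT", "NEW", 443)   # constructed sample
    for pol in ("DROP", "ACCEPT"):
        print(pol, forward_verdict(first_outbound, policy=pol))
```
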

