<><Randall Grimshaw Room 203 Machinery Hall Syracuse University Syracuse, NY 13244 315-443-5779 rgrimsha@xxxxxxx >>> Mattes Opel <mattes.opel@xxxxxx> 3/14/2006 10:48:05 AM >>> >I can't access internet-hosts from machine a), because packets for this >purpose are destinated to registered IP-Numbers. They are rejected by >the output chain, because they doesn't contain the routers internal IP >as destination. Access to the three hosts on local subnet works fine. You don't have any FORWARD rules, where the acl logic would likely reside. <><Randy
