Hi, I have a strange problem here. I set up a testbed like in the on on the website, except that I have NAT im my scenario. When I test a SSH connection everything goes fine. When I download a file via HTTP the first failover works, but the failback breaks the connection and the download stops. Tracing the connection show that during the failback the HTTP Server sends a package to the virtual NAT address of my firewall and the firewall send a TCP RST back and thus stops the connection. Of course I tried first to sync the connection table and after that set up my virtual addresses, but it seems that it does not help. A similar problem was described from Abhijit Menon-Sen on Oct, 30th 2007 on the nf-failover mailing list. But I did not find any solution there. My system: debian lenny. Kernel 2.6.26-1-686 conntrackd version 0.9.6-4 Mode: FTFW, heartbeat as HA solution. My firewall does allow everything. The only rule is the NAT rule that translats all packets comming from internal to the virtual external address. Any idea what could be wrong? How could I trace the problem further? Thanks for any help. -- Dr. Michael Schwartzkopff MultiNET Services GmbH Addresse: Bretonischer Ring 7; 85630 Grasbrunn; Germany Tel: +49 - 89 - 45 69 11 0 Fax: +49 - 89 - 45 69 11 21 mob: +49 - 174 - 343 28 75 mail: misch@xxxxxxxxxxx web: www.multinet.de Sitz der Gesellschaft: 85630 Grasbrunn Registergericht: Amtsgericht München HRB 114375 Geschäftsführer: Günter Jurgeneit, Hubert Martens --- PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B Skype: misch42 -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html