Hi Tom, I had the same problem on NT and Linux - each can be solved :-) NT: place a txt-file "local.arp" at FWDIR\state\ that has a entry like: <IP-Address> <MAC-Address> 192.168.1.99 00-80-AD-46-CF-EF Add a static, permanent route for the "outside-address" to the internal, hidden address: route add -p 192.168.1.99 netmask 255.255.255.255 gw xx.xx.xx.xx (where xx.xx.xx.xx is the non-official inside adrdees of the server) stop and start your fireall LINUX: arp -s 192.168.1.99 00:80:AD:46:CF:EF -i ethx pub route add -host 192.168.1.99 gw xx.xx.xx.xx (where xx.xx.xx.xx is the non-official inside adrdees of the server) Thatīs it. Both worked fine for me and I hope it will do the same for you :-) Marco > Hi, I have machines in my DMZ which use static NAT, arp and > route. The > problem is the machines cannot gain external connectivity and external > machines cannot access the machines in the DMZ. (I have had > the same problem > before when installing FW-1 on an NT machine, the problem > seemed to just > disappear?) If I enter an 'arp' I can see the entries in the > arp table, the > same is true of route. The machines have automatic NAT > (static), have a rule > allowing all machines access anywhere and anywhere can access > the machines > for any service (for testing) and the log viewer reports no > denies or drops. > Has anyone had similar problems and if so found a way around it or the > cause? thanks > > > Tom Heyworth > Technical Manager > [EMAIL PROTECTED] > International Computer Consultants > > > > ============================================================== > ================== > To unsubscribe from this mailing list, please see the > instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================== > ================== > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================