Success, I changed the PF rules to as follows. pf.conf ---------------------- binat on fxp0 from 1.2.3.231 to any -> 10.10.2.231 binat on fxp0 from 1.2.3.232 to any -> 10.10.2.232 binat on fxp1 from 10.10.2.231 to any -> 1.2.3.231 binat on fxp1 from 10.10.2.232 to any -> 1.2.3.232 ----------------------
And it works. So in the above I'm doing the address translation on both interfaces when the packets "enter" the interface. I'm not quite sure what this will do the size of my state table, and the performance of the box, but I'll do that testing now. Greg -- Greg Rumple [EMAIL PROTECTED]
