Chris:

> I'm assuming that dc0 is your outside if.

Correct.

> Did you move your block to the top with the quick
> keyword?

I tried it with and without that keyword. Neither one
worked.

Your rules didn't seem to work real well for me --
basically, I couldn't get out at all, but I kept
having packets show up on the screen. It was highly
annoying trying to correct the ruleset with crap
flashing all over the place.

FYI, my last "pass out on dc0 from any to any" was
just there because I wanted to be able to use the net
while I was working with the firewall, but wanted to
be reminded that I'd need a global policy later.

Thanks for your help. Let me know if you have any
other ideas.

Alex Le Fevre

__________________________________________________
Get personalized email addresses from Yahoo! Mail - only $35
a year! http://personal.mail.yahoo.com/

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]