Mike Pelley wrote:

> > Is it ok that ping does not work through the firewall, or there is
> > something wrong with my firewall configuration ? The rest, I mean
> > netscape, runs fine.
>
> I have three rules like this:
>
> map de0 10.0.0.0/255.255.255.0 -> 209.89.9.68/32 proxy port ftp ftp/tcp
> map de0 10.0.0.0/255.255.255.0 -> 209.89.9.68/32 portmap tcp/udp 10000:40000
> map de0 10.0.0.0/255.255.255.0 -> 209.89.9.68/32
>
> The first rule makes active ftp work through the NAT and is totally
> optional.
>
> The second rule makes sure that tcp and udp packets get NAT'd correctly
> (with port mapping because of the many to 1).
>
> The third rule makes everything else work - like ICMP or ping.  If you are
> missing the third rule most normal stuff will work but you will not be able
> to ping through the NAT.
>
> Good Luck!
>
> Mike.

Now it works like a charm.

Thanks Mike.

Jake

--