Hello, > First, I have set up a web/ftp server outside the firewall, > and everything works, but the machines inside the firewall cannot see > it. I need to set up some routing rule for this? What is the > preffered methiod to do it? It's not very clear to me. Your ftp/web server will be not protected by the firewall, right ? Only your internal network (ftp/web clients will be). Your ftp/web server and your firewall have a public IP address (and hopefully a public name, registered to DNS). So your ftp/web server is like any other server out there, in th enet jungle :) >From inside your network, using a client, can you access (ping or whatever) the server ? All the internal clients will have to use the gateway-firewall as their default route. So, the server is somewhere on some different physical network. > Second... I'm having some trouble listing contents from > machines inside the lan to ftp servers outside... They can connect, > and authenticate fine, but no listing??? I ran the same procedure > from the server on the outside and all works as expected. are you using squid as a proxy ? Well, i tried here using a client, the firewall and a random ftp server, say ftp://ftp.sunet.se and it works like a charm. All i had to do was to allow the ftp in Restrict Access->Office traffic maybe i did not understand your settings ... have a nice day, -- Florin http://www.mandrakesoft.com