Harry, Comments imbedded: >1. I mapped a single global address to an inside server target >static (inside,outside) 10.0.0.44 38.168.115.61 netmask >255.255.255.255 0 0 Your syntax is incorrect, you static command should be: static (inside, outside) 38.168.115.61 10.0.0.44 netmask 255.255.255.255 0 0 IOW, it should be static(inside, outside) "outside-ip" "inside-ip" > >and then created 4 conduits so I could support port 80 and 443 transactions > > conduit permit tcp host 38.168.115.61 eq www any > conduit permit tcp host 10.0.0.44 eq www any > conduit permit tcp host 38.168.115.61 eq 443 any > conduit permit tcp host 10.0.0.44 eq 443 any You don't need the conduits to your inside addresses, only to your global IP's, in your case 38.168.115.61. You can delete the conduits to the 10 net addresses. I'm not suprised that you got "unpredictable results" using this configuration. :-) Here are a few pointers to some links on the Cisco site that should help you: <http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v50/config/commands.htm#xtocid459365> <http://www.cisco.com/warp/public/110/index.shtml#pix> HTH, Kent -- ################################################## Kent Hundley Lucent Networkcare CISSP, CCSE Sr. Network Consultant ################################################## - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
