2 things:
What I'm missing in your description is the setup of explicit NAT rules,
translating traffic to the public addresses of your servers to their private
DMZ addresses. Did you add such rules??
And drops because of rule 0 always point to a problem resulting from the
rulebase properties, like IP spoofing not set up correctly. Please search
the FW-1 mailinglist archive for this, it comes up quite often.
Hope that helps? If not, feel free to mail.
Cheers
Ralf G.
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
