Correction to last post... I wrote:
When we used "keep state" on our out rules, we would see port 80 packets originating from our IIS server were sometimes showing in the log as dropped. I meant to say: When we used keep state on our *in* rules (both interfaces of bridge) - we would sometimes see the return results being blocked from our servers (port 80). Stephen Gutknecht
