Hello all!

I have a machine (currently isolated on a private network) running Shorewall that has 2 NICs. I am trying to set up a test where this firewall machine is between a corporate network (eth0) and a DMZ (eth1). In the real application, there would be another firewall box between the public Internet and the DMZ, but that's not what I need to examine now.

In the DMZ will live a web server (Win2K AS, IIS) that is the public interface for a web application. This server talks to an application server, which is inside the corpnet in this case. If the two machines are on the same network, the protocol used is native COM+. In this situation, I'm trying to test the use of COM Internet Services (CIS), which uses a Tunneling TCP protocol to allow this traffic to transit routers/firewalls more easily. Please see this URL for more info on CIS:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dndcom/html/cis.asp

Here's a diagram:

  corpnet                                  DMZ
[app server] <----> [firewall] <----> [web server]

I was able to get the app server and web server talking to each other via CIS when they were on the same network and there was no firewall. When I put the firewall in, they can't see each other.

I'm a relative firewall and TCP/IP newbie. Can somebody lend a hand with configuration suggestions and/or sample config files?

Thanks!

--
Peter Loron
http://search.keyserver.net:11371/pks/lookup?op=get&search=0xD3CE3C53