Hi everyone,

Since installing the latest bordermanager patch we have been unable to

send email to certain addresses. After reading various articles and
going
through the very helpfull bordermanager book written by Graig as well
as
visiting the nscsysop site and taking into account tip number #60. We
are
still having problems getting our mailsweeper server to see the
outside
world. We have gone through the dynamic NAT setup (Which coincidently
was
originally installed on the private card.)We have remedied this by
moving
it to our public card and flushing the routes via tcpcon.

We have two firewalls setup one is NT based and sits beyound
Bordermanager. This gives us the configuration of on bordermnager
[<192.100.XXX.XXX> to <125.6.XXX.XXX>] this is then sent to NT
firewall
via a default route to [<125.6.XXX.XXX> to <125.6.XXX.XXX>]then the
data
is sent on to ISP router via a default route. We have an internal
mailsweeper server that is sitting on our LAN this is fed directly
from
Groupwise internet agent. looking at tip #60 we have installed dynamic
NAT
onto the bordermanager card of <125.6.XXX.XXX>. we have setup the
default
gateway on mailsweeper that goes to bordermangers private card of
<192.100.XXX.XXX>. With this configuration we are unable to ping
beyound
the private card of bordermanager. If however we unload ipflt we can
ping
to the public card on bodermanager but no further. We have removed the
NT
firwall to simplify our problem and connected bordermanager to the
ISP's
router direct but although we have matched the configuration of the NT

firewall we have been unable to comunicate with the ISP router at all.
I
must confess that i am beginning to run out of ideas.