Platform:
==========
BM = v3.8 SP1a
NOS = NW v6.0 SP3

I'm having difficulty in getting my GroupWise WebAccess (GW-WA) filters set up correctly. I've read the postings in this forum and things don't seem to be working out that well for me. I hope someone can lend an assist.

With my shields down (OK I watched Star Trek today), I am able to get to the GW-WA login screen. When the filters are loaded back up, the port 80 packets get discarded. So it is a filtering problem.

HTTP Proxy is enabled.
The GW-WA Agent is running on SRVR1 which is behind the BM-SRVR2.
The GW-WA Application is installed on the BM-SRVR2.

I have the following 2 rules on my client's server to allow GW-WA in & out as follows:
NOTE: PUB.ADR.444.125 is my my client's public IP address
<=====BEGIN RULE GW-WA IN=======>
Source Interface Type: Interface
Source Interface: PUBLIC (Public)
Source Circuit:

Destination Interface Type: Interface
Destination Interface: PRIVATEI (Private)
Destination Circuit:

Packet Type: GW-WA HTTP In Protocol: TCP
Src Port(s): 1024-65535 Dest Port(s): 80
ACK Bit Filtering: Disabled Stateful Filtering: Disabled

Src Addr Type: Host
Src IP Address: PUB.ADR.444.125
Dest Addr Type: Any Address
Dest IP Address:
Logging: Disabled
Comment: 6/25/04 Allow GW WebAccess In
>=====END RULE GW-WA IN=======<


<=====BEGIN RULE GW-WA OUT=======>
Source Interface Type: Interface
Source Interface: PRIVATEI (Private)
Source Circuit:

Destination Interface Type: Interface
Destination Interface: PUBLIC (Public)
Destination Circuit:

Packet Type: GW-WA http out Protocol: TCP
Src Port(s): 80 Dest Port(s): 1024-65535
ACK Bit Filtering: Disabled Stateful Filtering: Disabled

Src Addr Type: Any Address
Src IP Address:
Dest Addr Type: Host
Dest IP Address: PUB.ADR.444.125
Logging: Disabled
Comment: 6/25/04 Allow GW WebAccess Out
>=====END RULE GW-WA OUT=======<


With the above 2 rules in place, when my TekLab's browser tries to access my client's WebAccess address ( PUB.ADR.444.125 ), I get the below TCP debug output msg on my client's server Logger screen :

NOTE1: PUB.ADR.333.139 is my my TekLab's public IP address
NOTE2: PUB.ADR.444.125 is my my client's public IP address
>=====BEGIN TCP DEBUG MSG=======<

INBOUND packet to "Discard"
Protocol Type=(TCP) Protocol Flag=(SYN)
Source Address=(PUB.ADR.333.139) Destination Address=(PUB.ADR.444.125)
Source Port=(13058) Destination Port=(80)
Source TOS=(Dynamic) Destination TOS=(HTTP)
Source Interface=(3) Destination Interface=(3)
Source Circuit=(103) Destination Circuit=(0)
Source GroupID=(0) Destination GroupID=(0)
>=====END TCP DEBUG MSG=======<


What am I missing? What's wrong with my picture? I've tried everything, I guess, but the correct solution.
Thanks for the help.

Regards.