Notes from when I used ar0176e0/1 to be a temporary, "We're down for Maintenance", web server. 1) Had to change the Rule Number Rule Name Rule Description =========== ========= ========================= 512 httpNon TCP in port 80 nonsecure 513 httpsNon TCP in port 443 nonsecure Firewall rules to allow packets to travel outbound from us. The rules used to be [Entry Fields] Sequence Number 512 * Name httpNon * Action permit + * Protocol [tcp] + * Source Port / ICMP Type Operation any + * Source Port Number / ICMP Type [0] # * Destination Port / ICMP Code Operation eq + * Destination Port Number / ICMP Code [80] # * Interface Adapter non-secure <--- Changed to both + Adapter Names + * Routing local + * Direction inbound <--- Changed to both + Log Control no + Fragmentation Control yes + Tunnel ID + Description [TCP in port 80 nonsecure] And for rule 513, [Entry Fields] Sequence Number 513 * Name httpsNon * Action permit + * Protocol [tcp] + * Source Port / ICMP Type Operation any + * Source Port Number / ICMP Type [0] # * Destination Port / ICMP Code Operation eq + * Destination Port Number / ICMP Code [443] # * Interface Adapter non-secure <--- Changed to both + Adapter Names + * Routing local + * Direction inbound <--- Changed to both + Log Control no + Fragmentation Control yes + Tunnel ID + Description [TCP in port 443 nonsecure] Also added 2 more rules for tcp-ack, both ports 80 (rule 531) & 443 (rule 532). [Entry Fields] * Name [httpNon-Ack] * Action permit + * Protocol [tcp/ack] + * Source Port / ICMP Type Operation eq + * Source Port Number / ICMP Type [80] # * Destination Port / ICMP Code Operation any + * Destination Port Number / ICMP Code [0] # * Interface Adapter both + Adapter Names + * Routing local + * Direction both + Log Control no + Fragmentation Control yes + Tunnel ID + Description [For local web server when site's down.] and [Entry Fields] Name [httpsNon-Ack] Action permit + Protocol [tcp/ack] + Source Port / ICMP Type Operation eq + Source Port Number / ICMP Type [443] # Destination Port / ICMP Code Operation any + Destination Port Number / ICMP Code [0] # Interface Adapter both + Adapter Names + Routing local + Direction both + Log Control no + Fragmentation Control yes + Tunnel ID + Description [For local web server when site's down.] Added new rules to 504 service. I.E. made sure "Rule Objects" field was inbound-512 inbound-513 inbound-531 inbound-532 instead of just inbound-512 inbound-513. Then you back out to "Filters" menu, select "Control Filter Status", select "Activation", select "Activate / Update".