Hi,
This has been a crazy week. We had two customers (both on the same subnet) that couldn't get to their web page behind the Check Point firewall R81 JHF 36. Externally, we couldn't get to the web server, internally we could. Anyone who came in externally could NOT get to the site. We all tried from home. In the logs, I noticed some SYN-ACK outbound drop from the private IP of the server to whatever external IP was trying to hit at the time. I ended up with 'fwaccl off' . to get things working again, actually on 2 sites in the same subnet. Is it possible the connection table was stuck on the NAT routable IP that's why outbound traffic was stuck and not internal? I'm trying to guess as to what reasons could cause this and explain it to the customer. And to keep it from happening again. Next time I plan to clear the connection of the IPs having trouble and keeping 'fwaccl on'.