Hi guys, I really hope someone can help me as this seems ridicoulous! I have bought 4 of these bad boys and setup VPNs on them perfectly I also wanted to setup some firewall rules to send some services to various machines on my network so logically i added a few rules. allow service RDP(3389) source WAN1 specific IP to 10.0.0.2 allow service RDP(3389) source WAN1 any IP to 10.0.0.10 allow service SMTP (25) source WAN1 specific IP to 10.0.0.3 allow service SMTP (25) source WAN1 specific IP2 to 10.0.0.3 allow service HTTPS(443) source WAN1 any IP to 10.0.0.3 now I would assume this would route; RDP reqests to 10.0.0.10 unless from a specific IP in which case 10.0.0.2 HTTPS requests to 10.0.0.3 SMTP requests from specific IPs to 10.0.0.3 However none of these work and i get no incoming ports working after having spoken to Cisco systems they have told me the only way to get it to work is to use port forwarding which seems ridiculous as it negates the use of the firewall! the only way i have managed to get the system working is to add port forwarding 3389 to 10.0.0.10 443 to 10.0.0.3 25 to to 10.0.0.3 i then have to add firewall rules allow service smtp(25) source WAN1 specific IP2 to 10.0.0.3 allow service smtp(25) source WAN1 specific IP to 10.0.0.3 deny service smtp(25) source WAN1 any IP to 10.0.0.3 Does this seem right? this seems like an absolutly silly way of configuring the router and means i cannot route to more than one machine on the same port! i hope this makes sense and someone can help me!