Hi We have a website on a server in our DMZ that hits a webservice over SSL identified by an external IP. However, the webservice is on the same box. PF won't route requests to the external IP that come in on the DMZ interface back out of the same interface, so we can't hit it.
I've tried making it hit the internal DMZ IP of the web server, but then you get trust errors because the certificate is not issued for 10.0.0.15. Is there a way round this? I can't see anything in the PF FAQ. We desperately need to get the webserver to hit itself over the external IP. Previously the DMZ was protected by IPCop - I've got no idea how it worked before. Thanks Ashley -- "If you do it the stupid way, you will have to do it again" - Gregory Chudnovsky
