Hi, When you return packets from your webserver/gateway machine, they will come from the external address (173.11.51.45 or 67.152.166.2), so they will use routing table Cable or T1, and network 192.168.6.0 is not in that routing table, so it will try to use the default gateway and send the packets to the internet instead of back to the internal network. See here: On Wed, Jul 22, 2009 at 02:10, Doug Coats<dcoatshca at gmail.com> wrote: > # ip route show table cable > 173.11.51.44/30 dev eth2 proto kernel scope link src 173.11.51.45 > 192.168.4.0/24 dev eth0 proto kernel scope link src 192.168.4.1 > default via 173.11.51.46 dev eth2 > # ip route show tabel T1 > 67.152.166.0/27 dev eth3 proto kernel scope link src 67.152.166.2 > 192.168.4.0/24 dev eth0 proto kernel scope link src 192.168.4.1 > default via 67.152.166.1 dev eth3 I believe what you need to fix this issue is: # ip route add 192.168.6.0/24 via 192.168.4.3 dev eth0 table Cable # ip route add 192.168.6.0/24 via 192.168.4.3 dev eth0 table T1 If you are doing NAT on your gateway/webserver, it might also affect this connection, so you should look for it. You should try to use "tcpdump" (or "ethereal") and run one instance of it in each interface to see where the packets are going. For instance, you can use it to see that the response packets are going out in interface eth2 or eth3 instead of eth0 as they should. You will also be able to see if NAT is being done when receiving the packets and if it's being undone when they are returned. HTH, Filipe