sai,

> I have the following setup but must have missed something as we cannot
> connect to the 2 servers mentioned below. Anyone see anything missing?

What do you mean you can't "connect" the two servers?

> WAN 222.x.x.33/29
> LAN 192.168.0.1/24
> DMZ 10.1.0.1/24
>
> Now I have a couple of servers on the DMZ.
> server1 : 10.1.0.2
> server2: 10.1.0.3
>
> in Services > Proxy ARP, I add 222.x.x.35 and 222.x.x.37 (these are 2
> spare Public IP addresses we have)
> in Firewall > NAT > Server NAT I add 222.x.x.35 and 222.x.x.37
> in Firewall > NAT > Inbound I have:
> External IP : 222.x.x.35
> Protocol : TCP/UDP
> External port: 8xx1 (this is as requested by the supplier of
> the server)
> Local port : 8xx1 (same as external port)
> [checked] the box saying "Auto add rule"
>
> and also
> External IP : 222.x.x.37
> Protocol : TCP/UDP
> External port: 8xx2 (this is as requested by the supplier of
> the server)
> Local port : 8xx2 (same as external port)
> [checked] the box saying "Auto add rule"

Assuming "connecting" means accessing WAN resources, you don't seem to have any Firewall rules that allow traffic out of the DMZ. Those ports specified only let traffic inbound... and only limited by those ports, but you also need to add FW rules that permit TCP/UDP traffic outbound from the DMZ.

/sylikc