Hi. I have two NAT-ed network segments. One is my internal network and one is a 'semi internal' network. Computers from semi-internal network should have access only to the internet, whiles computers on internal network should have access both to the internet and limited access to semi-internal network (telnet, ssh, ftp, ..., NFS). I read that nfs4 is designed to work also beside firewalls. For this reason it uses only TCP port 2049. So I added a rule to my firewall: ---- iptables -A FORWARD -s <in_net> -d <semi_net> -m state --state NEW -p tcp --dport 2049 -j ACCEPT ---- I ran FC3 on both computers (on my semi-net - NFS server and on my internal net - NFS client). When I'm trying to mount an exported share with a command like: ---- mount -t nfs4 <semi_net_ip>:/exports /mnt/semi_net ---- I'm getting an error 'mount: Permission denied'. The same command executed on a NFS client on the semi_net works fine. BTW: computers on semi_net uses only /etc/hosts files to resolve names from internal net. Internal computers uses the internal DNS server for this purpose. The names are correct ... the only difference is that IP-s can be reverse resolved in the DNS (PTR records) whiles /etc/hosts file doesn't contain PTR records (heh ... of course ;) ). Some sugestion how to solve the problem? Best regards, Dezo