Hi all. I have a pix 515 with 6.3(4) ios. The pix is connected to my office/dmz/internet networks. Due to some sql requirements, the web server on my dmz network is allowed to access my sql server on office network. My web server is using ip 192.168.1.200 while my sql server is using ip 192.168.2.200. I then created an accesslist "accesslist dmz_access_in permit tcp host 192.168.1.200 host 192.168.2.200 eq 1433". But it couldn't work. I then had to do a translation for 192.168.2.200 to a dmz ip 192.168.1.201. And add an accesslist "accesslist dmz_access_in permit tcp host 192.168.1.200 host 192.168.2.201 eq 1433". Then the thing would work. Why is this so? Why do i need nat for my sql server? Thks in advance.