Background: after looking at the document I will tell you that the scenario is the FEP_server initiates communications to the 18.104.22.168 tcp 4113 router. We use this as a backup and I know for a fact it worked before adding the RockyPH-transparent-fw and the FEP-transparent-FW. This testing was done when the SY_Firewall went in and everything worked. Several months ago the RockyPH-transparent-fw was installed. Today the FEP-transparent-FW was installed and we started testing this backup communications link and it would not work. I noticed the syslog in the SY_firewall saying 'icmp block src: 22.214.171.124 to 172.19.0.1'....I don't know why the RockyPH-tran-fw would be trying to ping the server????? So I added ace to both interfaces (inside/outside) to allow traffic between 172.19.0.1 and 126.96.36.199 and everything started working!! Why would I have to add those ACE to make this work??