Inside users can start connections and surf the web fine. However, they cannot access web server sites located internally. The internal sites can be accessed fine externally. DNS servers reside externally. It appears the internal sites resolve the site's internal address correctly, then die. Infact, a webserver cannot pull up it's own address or a site of a server next to it, but can hit any site outside. DNS issue?