port forwarding

[Gary Koskenmaki]

Ok.  I'm back again and still having problems accessing my lab web
server from inside my lan.

I set up a webserver in a dmz and it is accessible from the internet as
I have had a friend access the site from his home.  However, I cannot
access that web server from the INT zone.  It's the same problem I had
accessing the web server when it was in the INT zone.  Wireshark
captures show the connections being actively rejected with a packet with
the rst,ack flags both set.  That happens when attempting to connect
with a broswer or with telnet.

I can ssh into a remote server at work and telnet to port 80
successfully, just not from my own lan.   

Does someone have a working, i.e. an example, known good, config with
the dmz accessible from the int zone that they could send me?  I'm
missing something, but don't know what, and need to look at a known good
config so I can figure out what I'm doing wrong.  My guess is it's
something fairly simple, but I'm new enough to iptables that I just
don't have enough knowledge to troubleshoot it yet without comparing it
with something that's known to work.