Thanks everyone for the pointers... I finally tracked the problem down to
the Windows clients.  For some reason everything but the DHCP DNS options
are getting passed from the  network's DHCP server.  My quick fix was to go
specify the DNS servers on each individual client (ACK).  I am going to
check Microsoft Technet for notes regarding this issue.  Once again, it
looks like Microsoft is to blame...  suprise, suprise :)

Thanks again,
Steven Brendtro
Lee's Summit, MO

Original Message Follows:
---------------------------------------------------

Hello all,

I recently set up a firewall to protect a private network which has been up
and running for about a month with no real problems.  I recently made some
modifications to the network (note to the ipchains rulesets) and have the
following problem...  Machines on the private network can ping the Internet,
having the traffic masqeraded, and they can even access websites by IP
address, but nothing works with domain names.

I would figure this to be a domain issue, but the firewall uses the same DNS
servers as the clients on the private net and the firewall has no problem
resolving any names.

I appreciate any help you can give... I have lost much hair and sleep over
this one so far... and the 20+ users on the private net aren't very happy.

Thanks,
Steven Brendtro
Lee's Summit, MO