This post is for those who have ISP's using the ppp over ethernet protocol for internet connection. I was customizing the firewall (sygate), and I could not pinpoint the exact level of blocking for the range of ISP addresses plus other computers on my network. I use Pacenet, and I tried to set access to just allow dns and icmp packets to go through. But this resulted in failed connections...In the end I had to allow for tcp, udp and icmp access to the entire range for the ISP address block , plus the whole block of IANA network addresses (192.168.xxx.xxx, 169.254.xxx, etc). This is the only way I could get the firewall to let the connection go through. I would still like to go further and just allow the selective dns and icmp queries only...so does anyone know more on this? thanks!