I have a heterogeneous network with just about every OS represented.
Almost everything works, but I'm stuck on a problem that has me
bamboozled.

I recently replaced a firewall appliance device with an OpenBSD 3.4
machine. I've had some experience building and managing an OpenBSD
firewall, so I'm pretty comfortable with it. The replaced appliance
also server as my web server (one of the reasons I wanted to make a
change), so I built a FreeBSD 4.9 box to run Apache, and provide web
services. It all seemed to be working reasonably well, until the day
before yesterday. Now the web server can't be reached from outside the
firewall.

Of course, I first suspected the firewall config as the most likely
point of failure, and I certainly can't rule it out. However, I
encountered some odd results I can't explain while I was in the
troubleshooting process. The inside of the firewall is at 10.0.1.254.
The web server is at 10.0.1.251. I can ping the inside of the firewall
from another machine (10.0.1.6). I can also ping the web server from
the same machine. Both the web server and the firewall can ping the
third machine (10.0.1.6). However, I cannot ping the web server from
the firewall, and I can't ping the inside of the firewall from the web
server. There are no other routers involved, so I just don't see what
the problem could be.

Anyone have any suggestions?