Solaris 10 and NAT (ICMP ok but not TCP/UDP)

hi all,
i hope someone can help me. i work a week on this and have no clue how
to get it to work. i use the packets included in solaris 10 with no
additional software. the internet connection is setup correct over ppp
and everything is reachable with the router. but i can't connect with
the clients.

the settings are simplified for testing purpose:

ipf.conf:
pass in all
pass out all

ipnat.conf:
map sppp0 192.168.1.0/24 -> 0/32

ndd -set /dev/tcp ip_forwarding 1


my network looks like this:

Client 192.168.1.2
/
INTERNET - hme0 <-> hme1 (192.168.1.1)
\
Client 192.168.1.3

and netstat shows me:
Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ------ ---------
217.0.116.xxx 217.83.72.yyy UH 1 0 sppp0
192.168.1.0 192.168.1.1 U 1 2 hme1
224.0.0.0 192.168.1.1 U 1 0 hme1
default 217.0.116.xxx UG 1 175
127.0.0.1 127.0.0.1 UH 32 6186 lo0

i can ping(ICMP) on every site but the tcp and udp traffic doesn't pass.
i found in the faq a command to disable the hardware checksum but this
also didnt fix the problem.
i hope someone has an idee or can point me to the right place.
thanks in advance...