On Wed, 03 Sep 2003, Scot Jenkins wrote: > don't most of those router/firewall things put the dmz port on the same > network as the rest of the boxes on your "inside" LAN? If so, using the > dmz port would be a BAD idea. > > also the wireless AP, if it's going to be open to the world, should be > in a DMZ, a different network from your inside LAN. > I agree. I have a P90 with 3 nic cards running as my firewall/router. My DMZ hangs off of 1 of those nics and isn't allowed to get back into my internal network. My AP is also on the DMZ, so if someone connects to it they are still off my internal network. _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list