There's something I am not clear about concerning firewalls. Suppose I have a firewall that (to start with) uses filtering on the three networks it is linked to (external,dmz and internal). If I want to offer web proxy services to the insiders and VPN service to people on the road, must I put both functions on the firewall machine? I see that I could put a www proxy server on the dmz, but I would have thought that performance would have been pretty poor. And the VPN router has to be internet visible, so it has to go on the external network (eg replace the border router), or on the DMZ right? In the former, how do you get clients safely through your fw to the internal network; and in the second case doesn't performance become a problem? I am wary of loading everything on the same box, for the obvious reasons. Can someone explain? cheers Shriman Gurung [EMAIL PROTECTED] --speaking for myself not my employer-- - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
