In the FW-1 docs, it looks like when you create a DMZ using an extra leg off a firewall, and then specify the DMZ servers as external, that those servers have restricted access OUTBOUND to the Internet. Is my understanding of this correct? I'd like to setup a split DNS and have the "external" DNS be in the DMZ. Is there anyway I can use FW-1's "UDP reply" technology to let UDP DNS requests happily leave and then return to my DMZ host(s). Any help/suggestions of rulesets to do this or pointers to other sources of information related to this would be greatly appreciated. Thanks, Dana Pratt [EMAIL PROTECTED] -- ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
