On Friday 08 March 2002 06:25, Tony wrote: > Good Morning, > > I am resending a message that got no response the last time, I would > appreciate any input anyone might have.
I apologize! Unfortunately, it won't work with eth1 and eth2 (or any routed subnets on the same subnet). In other words, to NAT and access each other, the NICs must be on different subnets to allow routing. The diagram implies addressing that would not be possible to route on _any_ router. What _might_ work, is running the ISA firewall as a seperate link itself inbetween the DMZ and the internal subnet. This would assume a standard addressing scheme for the internal net and DMZ (ie... 192.168.1.x for internal and 192.168.2.x for DMZ). I can't honestly tell you how well this would work, or imply that it is very secure, but in the past some people have been known to get this functional. I'm assuming that your using Dachstein, since your basing some of this post from one of Charles' post. This brings another "gotcha" into the picture. If you plan on changing the internal net addressing from 192.168.1.0, you will have to change every LAN capable service by hand to reflect this. These services include dhcpd, dnscache, weblet, and possibly others. I think the default install requires changes in seven places, so be aware. I hope this helps! -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user