Hello Mike Shaw,

on Wednesday, 6 March 2002 at 21:25:37 you wrote:

MS> There are definitely textbook reasons (secondary compromise issues, etc),
MS> but does anyone know of a specific technical reason why using a VLAN for a
MS> DMZ segment is a bad idea (Cisco 5500 switch)?

MS> The VLAN would have no telnet interface living on it, and no level 3
MS> switching/routing going to/from it. It'd be just an isolated segment. The
MS> only thing I could think of would be that someone could spoof the
MS> frame-tagging or something.

MS> Any input is appreciated.

MS> -Mike

http://www.fefe.de/switch/
http://www.infowar.com/iwftp/xforce/advise24.html

Two links which might be interesting for you. Maybe the "private vlan" technology by Cisco helps, but I didn't have a closer look at it yet.

Regards,
Doc.

---
DocValde
web: http://www.DocValde.net
eMail: [EMAIL PROTECTED]