-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > what is the "best" way to implement this > configuration?
Well, you are right that you don't want two NICs in the FTP server, but remember that you also don't need to pass anything from the FTP server into the LAN. Most good firewalls these days can handle the complexities of FTP connections well enough that they don't require statically assigned paths into protected networks for clients behind the firewall to be able to use FTP with a host outside of it. In short, you simply allow OUTBOUND connections (from your protected network to your FTP server in the DMZ) through your firewall, and this will enable you to use the resource while still not letting any new connections from the DMZ (including your FTP server) to your internal LAN. - -danielrm26 -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBPlF6z1Jwf7WiYT5vEQLZzQCguOuH6m1PVPbUs/UK3CEf1K8o1wEAoIW1 JX+jNUtpO1oUNKjaqxN0XbGZ =JI/x -----END PGP SIGNATURE-----
