> > 2. Having a problem with my DNS settings. I was trying to set it up so > that the internal card was configured as the DNS server which is then > pointed out to a public DNS server through our ISP. Then using IPSec I > blocked all incoming traffic except port 25 and 80 on the other card mapped > to an external ip . This affected some clients because they were trying to > access the server through the card that I blocked. Realizing this, I > changed my DNS settings so that it would only listen on the card that I > specified. The problem is that when I do that, DNS stops working > completely. (i.e. it fails when I test) What am I missing here? How can I > get my local client machines to access DNS through the specific card, still > have DNS run, and be able to block the card mapped to the outside? > > Since you are using SBS 2000, are you using ISA or are you familiar with it? > > I know of it, but I'm not very familiar with it yet. I plan on using it at some point, but > thought was trying to find a temporary solution until then. It what I'm trying to do > isn't possible, that's good to know and I can refocus on getting ISA working. If you have a public IP on the External and a private IP on the internal, and are using it as a NAT router, you will be better off just configuring ISA server. I would recommend either configuring the 3com OfficeConnect firewall (made by a firewall maker that has the initials of SW) for NAT and then using only the Internal NIC of SBS2000 or fully configuring ISA on SBS. What is it you want to accomplish using the 3com first? John Tolmachoff MCSE CSSA Engineer/Consultant eServices For You www.eservicesforyou.com