>From: Thomas W. Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] >Are you bind public and private address to the same NIC?? Hmmm. I think >that defeats the purpose of creating a DMZ, even if such a thing were >possible. For a trihomed ISA Server DMZ configuration, you have to have >the TRI part configured :-) Yes I was binding a public and private IP to the same internal NIC to create a 'TRI' homed server... or so I thought. Ok I get it now - the 'Tri' part means you MUST use 3 PHYSICAL NICs :-) ...that'll explain why I needed to create a protocol filter instead of just a packet filter to get out and all that other weird stuff. Thanks for sticking with me on that one Tom. Regards Nigel