Unless you seriously mess up your ISA configuration, nothing gets in that you don't either implicitly or explicitly allow. Take a read in here: http://www.isaserver.org/shinder/tutorials/dmz_scenarios.htm Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/authors/harrison/ Read the books! ----- Original Message ----- From: "Ducky" <educky@xxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Monday, January 14, 2002 11:14 Subject: [isalist] ISA help continued. http://www.ISAserver.org Ok first off thx for the suggestions, second I found under a FAQ something to do with TRI homing... not a problem, looks like that will work... INET ---- FIREWALL ---- Internal IP's |---- Webserver (5 external IP's) \----- Router (external IP) My question is this... if my webserver and firewall both are going to get an external IP since the webserver is going to be on the firewall, is it protected? or can it be? Packet filtering ETC? or is this basically going to be the same as plugging the webserver and router on a switch and into the firewall? because it would really defeat the purpose of me trying to get the firewall up... TIA Adam ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')