Hi Tom! I've just joined to this list, but I've already read many articles by you. But there is something I simply couldn't understand which is "packet filters" when I have a three-homed ISA server. What I don't understand is the traffic between the DMZ and the external network. When I try to create a packet filter between them I ask to myself: "what is an INBOUND traffic?", "what is an OUTBOUND traffic?". Aren't they both external? What should be the reference point to find out what is IN and OUT? Could you give me a clearer explanation about this? Could you give me an example of allowing a traffic from External net to DMZ? And also the same traffic from DMZ to External? Not even the Microsoft Professional Supporte gave me a good explanation... Thanks for your help! Best regards, Antonio PATARO Reis pataro@xxxxxxxxxxxxxxxxxxxxx Microsoft Certified Professional -----Mensagem original----- De: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Enviada em: quarta-feira, 4 de dezembro de 2002 14:26 Para: [ISAserver.org Discussion List] Assunto: [isalist] RE: ISA Server and Beyond now available from amamzon and barnes and noble http://www.ISAserver.org Hi John, That's right. That's the only way to create the traditional trihomed DMZ with ISA Server -- you have to use public addresses. But as you'll see in the ISA Server and Beyond book, there are some creative techniques you can create to create a LAT-based "pseudo" DMZ segment. Thanks! Thomas W Shinder <http://www.isaserver.org/shinder> www.isaserver.org/shinder <http://tinyurl.com/1jq1> http://tinyurl.com/1jq1 <http://tinyurl.com/1llp> http://tinyurl.com/1llp