We have done it a number of times for secure government business to business applications. This is where the app and data is on the Presentation Server and the security policy disallows internal access. In these cases the server is usually a standalone farm and if I knew what was running on it they would have to kill me :-) Steve Greenberg Thin Client Computing 34522 N. Scottsdale Rd D8453 Scottsdale, AZ 85262 (602) 432-8649 www.thinclient.net steveg@xxxxxxxxxxxxxx _____ From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Joe Shonk Sent: Wednesday, April 25, 2007 6:03 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Citrix on DMZ Question. Why would want to put a Presentation server in the DMZ? I know there are some valid reasons, so make sure to take the litmus test first. It's 2512, 80 (or whatever the XML port is), 1494, 2598, 27000, the TS Licensing Port. Joe From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Turman, David C. Sent: Tuesday, April 24, 2007 12:51 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Citrix on DMZ If I were to put a Presentation Server 4.0 box on a DMZ, what ports would I need to open on the firewall to have it talk to and be a member of a Presentation Server 4.0 Citrix Farm on the insdie of the firewall? I'm assuming at least 1433. Any others or problems with doing this?