|
||||||||
Thanks for the responses. I kind of thought that was the case and actually and have been running my DMZ on a separate switch. However I've also been running IPX/SPX on the DMZ boxes so I can do other networking. Which is probably worse than running them on the same switch. Peter On Wed, 7 Sep 2005 21:05:21 -0400, Chris Buechler wrote: > On 9/7/05, Peter <peter at iwebsl dot com> wrote: > >> This is potentially a daft question but .... I really need to >> know ;-) >> >> It it imperative to physically separate the LAN & DMZ ? >> > > Yes. m0n0wall tends to not be happy when two interfaces are on the > same broadcast domain (sometimes to the extent that nothing works). > Regardless, putting them on the same broadcast domain eliminates the > point of having a DMZ in the first place. > > -Chris > > -------------------------------------------------------------------- > - > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch |