Has anyone set up a smart card system or similar on their site? If so, can someone please offer some suggestions as how they over came the following problem. IPSEC packets sent are NATed by the firewall and of course, as a result the hash value is changed due to the header of the incoming packet having to change for the addressing to the LDAP server. Now the main question is, how did anyone overcome this? Where did they put the LDAP server? DMZ, Internal, External? My thoughts aret hat you would put the LDAP server in the DMZ and direct address it from the source. Any thoughts would be good. John Taylor - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
