> Steffen Weiberle wrote:
How many ways do you have to get to the internet? I hope two, since will need one.

I am not able to picture your setup, however, take a look at

Maybe a better explanation of what I'm trying to accomplish would help.
This is my current setup which works well. The firewall does NAT so my public IP is translated to

   cable modem
      nic1 (
---bastion host----------
host1 host2 host3 host(n)
(all on

Three public services run on the bastion host (dns, mail, webserver) and I thought I would introduce another level of security by moving these into zones but it has proven to be more difficult then I had anticipated because of the two subnets. All of my testing was done on a workstation with only network involved. All though I have limited experience with zones this seems like something that shouldn't be too difficult to set up.

 Robert W Hartzell
bear at rwhartzell.net
