On 7/2/07 11:14 AM, "Hallam-Baker, Phillip" <pbaker@xxxxxxxxxxxx> wrote: > There is no other device that can provide me with a lightweight firewall for > $50. Of course there is - the same device that's providing the NAT. NAT by itself is intrinsically policy-free, although it implements policy as a side-effect. I'm unclear on why you think that a default-deny policy is better implemented on a NAT than on a firewall. Melinda _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf