You can send it to the public directly - but don't do it. IT will
basically make the PM-3 an independent entity n the Internet And your
RADIUS packets WILL go over the public net. They aren't in the clear, but
they can still be sniffed and then brute forced attacked. Also, any
admin sessions to the unit, syslog, etc, will all go over the public net.
Simply put - EVERYTHING that goes from this PM-3 to your LAN will need
to be sent in the public domain.
it is better to have a centralized feed to the outside world where you can
choke traffic and do DoS filtering and the like. I would never configure
the POP as its own entity.
-MZ
-- <URL:mailto:megazone@megazone.org> Gweep, author, webmaster, human being, me "A little nonsense now and then, is relished by the wisest men" 781-788-0130 <URL:mailto:megazone@gweep.net> <URL:http://www.megazone.org/> Hail Discordia! - To unsubscribe, email 'majordomo@livingston.com' with 'unsubscribe portmaster-users' in the body of the message. Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>