Hi list, I'm working on a Bastion Host/DMZ config. I have the following setup: Internet-> Router-> BastionHost-> Switch-> Firewall-> LAN ----------------------------- \DMZ/ (Webserver) In the DMZ are placed some Webservers with public IP's. The Bastion Host machine has two network interfaces, both with public IP's in the same subnet(!?). The first network-interface (eth0) is connected to the router, the second one (eth1) connected to the switch as the default gateway for the webservers (and Proxy for the LAN). # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 131.131.111.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 131.131.111.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 0.0.0.0 131.131.111.1 0.0.0.0 UG 0 0 0 eth0 The problem for me is, to access both network devices seperately. (Only eth0 is working because of the default route) I guess this is a error in reasoning. Can somebody give me a hint on how to solve this problem ? Maybe it's the wrong topology ? Thanks ;) jan.