It depends on what you mean by them getting confused. Other than a single device to manage, along with the support issues that you've brought up, I don't believe there are many other advantages to having them on the same box. Security issues that arise from having them separate is just that you would have to poke holes through your firewall to allow the VPN connections to be established (if you're firewalling that traffic to begin with.) Nothing terribly major as long as strong password policies are in place, or the use of a SecureID or something similar. Regular auditing of established connections/attempts is something I would highly recommend that is often ignored. That's my opinion at least. -Russell Joe Norton wrote: > This message brings up a subject I could use some input on. Here we have > a seperate VPN and firewall setup, and they get confused. Does a straight > firewall that supports VPN work any better? Are there disadvantages to > having it all on one box? I can imagine it being cheaper and easier to > support, but are there any security or managment issues that might make it a > bad idea?