> I am being pressured very very heavily to allow ARA (appletalk remote
> access) through our firewall, specifically through a dial-in modem pool,
Do you really mean "through our firewall", as in the ARA server is on
the outside and your firewall lets AppleTalk through???
The only way I would consider doing this is if the router connecting you
to untrusted networks does not route AppleTalk. While it is pretty much
a given that in the U.S. we only route IP, I understand that in
Australia you route AppleTalk on your Internet as well.
If you do have AppleTalk routed from the outside world, I would seriously
consider putting the ARA server on the inside, or on a private interface
connected to your firewall and only allowing AppleTalk packets from that
interface through to the inside.
-Jonathan hue @