Hi, Our deployment architecture suggest our application deployment as follows: 1) SQL Server and one frontend server need to be on the intranet to to face internal users to authenticate using AD 2) another frontend server need to be placed on different zone to face external users to authenticate using RSA Is this a possible? Can you please help me with any links on how to achieve this.

What is your ultimate goal? Is this to facilitate external access by employees?John SharePoint911: SharePoint Consulting Blog: http://www.rossonmoss.com Twitter: JohnRossJr MOSS Explained: An Information Workers Deep Dive into Microsoft Office SharePoint Server 2007

We want to achieve this: 1) Employees should be able to access the site through ad login when they are in network 2) All clients should be able to access the site through RSA login and employees should also be able to access the site through the RSA login.

What is RSA? As per my understanding, You should use FBA authentication for same. Follow below link for FBA: http://www.codeproject.com/KB/sharepoint/FBA.aspx Cheers, Hemendra-MCTS

Please read what follows from http://technet.microsoft.com/en-us/library/cc298636(office.12).aspx: If you modify the IIS bindings of a Web application by adding a host header binding or an SSL port, or by changing a port number, Windows SharePoint Services 3.0 is not aware of these changes and does not update the Web application's alternate access mapping URLs. If you update the Web application's alternate access mappings to change a host header, switch to an SSL URL, or change a port number, Windows SharePoint Services 3.0 will not automatically update your IIS bindings to match. To update the URL or IIS bindings of a Web application, you must unextend and re-extend the Web application, and reconfigure alternate access mapping URLs or IIS Web site bindings. ... We do not recommend reusing the same IIS Web site for your HTTP and SSL hosting. Instead, extend a dedicated HTTP and a dedicated SSL Web site, each assigned to its own alternate access mapping zone and URLs.