The new business class Linksys router (RVS4000) has lots of great features (very much like Cisco’s IOS).  I was recently setting one up for a customer that had an SBS server and a Symantec mail appliance.  The SBS server was not going to use ISA so I needed to set up a VLAN on the Linksys for the DMZ.  This was all easy enough, but when it came to publishing ports, I ran into a limitation in the configuration interface.  I needed to publish RDP (TCP port 3389) directly to the SBS server on the main/default VLAN, and SMTP (TCP port 25) to the mail appliance on the DMZ VLAN.  Unfortunately, the web interface for configuring port forwarding on the Linksys only allows you to modify the last octet of a published address (pre-filling the first three octets from the default VLAN).  [more]I did some research and even called Linksys support, but this is “by design”.  I tried exporting the config to see if I could change the publishing definitions directly and just re-import, but the config also only saved the last octet.  I was able to work around this limitation by spliting their class C in half (255.255.255.128 as the subnet mask) and using the lower half for the internal LAN, and the upper half for the DMZ.  This way, I was able to publish ports on the two separate VLANs, but still have the traffic segmented.