The limitation with ICS, or at least it used to be a limitation in XP, not sure about Vista or Win7, is that you can only share the internet connection with one NIC in the computer. So basically, You have the modem providing the internet to NIC1, then you share the internet with NIC2 out to your PC. It will not allow you to share it with NIC3 also. However, the simple solution to this is to have: Modem to NIC1 NIC2 to Switch/Hub Switch/Hub to Your PC Switch/Hub to Your Mom's PC It isn't an ideal solution, but it works that way. As for the port/DMZ/Firewall issue, let me try to explain it in an easy way: Lets assume there are only 5 ports(I know there are ~65000, but lets just assume there are only 5 for this example). And lets assume we have two computers, Computer A and Computer B. When you forward a port, you are telling the router to send all incoming traffic on that port to a specific computer. So lets assume you forward Port 3 to Computer B. What this does is send any incoming connection requests on Port 3 to Computer B. If you did not foward the port, obviously all incoming connection requests on Port 3 would be completely blocked because the router does not know what it is supposed to do with that requests. Now, if you then try to forward port 3 to computer A also, the router would get confused. It would not know to which computer it is supposed to send incoming connection requests on Port 3. Now I know you are asking: Why not just send the request to both computers. The reason it is not done this way, is that both computer might respond to the incoming connection request, and if this happens and both computers attempt to open the data connection on the same port, the router would likely lock up or the wrong computer might respond blocking the correct one. Now there are a enterprise class routers that can handle this type of situation, however if the WRT54GL is out of your price range, then they are way way out of your price range. Now, if you assigning Computer A as DMZ, you are in effect forwarding ports 1 through 5 to that computer. What this does is tell the router that any incoming requests on any port get sent to that computer. The only exception is ports that you have specifically fowarded to another computer. So lets say Computer A is DMZ, and your forward Port 4 to Computer B. Then all connections requests on ports 1,2,3, and 5 go to Computer A, but any connection requests on Port 4 go to Computer B.