Gateway DMZ <---> WAN isolation?
I was hoping to setup a guest wifi network that is completely isolated from the LAN. I presumed, wrongfully it seems now, that the DMZ feature, offered by the Gateway, would prevent traffic from the DMZ host ever reaching the internal LAN. My tests proove otherwise as I was able to ping computers on my LAN from the DMZ host. I did confirm that DMZ was working as external traffic aimed at the gateway's WAN address reached the DMZ host.
QUESTION: Is this expected?
If it is, then it seems like a dangerous and irresponsible setting for Comcast to offer as others might make the same assumption about network isolation.