A question got thrown at me while coming up with a solution for a problem. We want to funnel traffic from a certain external address around our firewall and allow everything else to hit the fire wall. Easy, right! Get the ip of the device and allow it to use a shunt. Problem: The traffic is SMTP and the internal network's policy is such that it sends SMTP to the firewall. Apply an ACL to route the traffic right? Which begs the question does Policy negate ACLs?? Our external net uses ip based routing, if that helps. ___________________________________ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]