I am seeking to use ACL's to block the outbound traffic on private addresses that many of our remote POP's are producing. Remote POP's consist of a Cisco router (2500/2600's) and various access servers. I understand it is better to filter this at the source of the problem and not the exterior gateways. At the remote POP, should I apply these ACL's (Blocking 10.0.0.0, ect private networks) to the Ethernet interface, incomming or the serial interfaces, outgoing ? Serial interfaces would be the T-1 connections to the outside network and Ethernet interface is how the access servers are connected (via a switch) to the access servers.
james _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
