hello,
> Our proxy/firewall server connects two LAN's to the internet.
> On both LAN's we have private web servers, witch should not be accessable
> from the other LAN.
>
> I've tried to define the following acl's:
>
> acl lan1 src 10.0.0.0/255.255.0.0
> acl lan1_deny dst 10.30.0.0/255.255.0.0
> acl lan2 src 10.30.0.0/255.255.0.0
> acl lan2_deny 10.0.0.0/255.255.0.0
>
> http_access deny lan1_deny
> http_access allow lan1
> http_access deny lan2_deny
> http_access allow lan2
try these:
http_access allow lan1 !lan2_deny
http_access allow lan2 !lan1_deny
a.
Received on Tue Mar 26 2002 - 05:19:01 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:05 MST