Hi.
This is an example topology just to give a general idea:
(Internet) ---(FW1/FG-1 NG AI R55)---(LAN1)
|
( LAN2)
|
( LAN3)
|
....
|
A station in LAN1 connects to http servers in internet and in LANs on
another FW interface.
The question is:
How can I limit only (LAN1)-> (Internet) http traffic without having
to write rules for other LANs ?
I had an idea to add networks 2,3,... into group named LANS and negate
that group in Destination field of the rule. But "Negate cell" optoin is
not available in QOS policy :(.
Thanks in advance,
Andrey.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
