Fri Mar 19, 2010 1:19 pm
Thats neat, didnt know you could do it that way, but that isnt what I was talking about. I dont use transparent proxy for a lot of the networks. Some networks in the same range would have different clients with different access requirements. Some protocols are non-proxiables, so there are filter rules for them, acting on address lists, others are proxy rules using hostnames. When I add filter rules to 100ish routers, I add them in batch using address lists, even though the IP addresses might be different site to site, they are already configured. Right now, for proxy rules, I have to add unique rules site to site.