The question is a little unclear, if you can pinpoint the unwanted sites
by network address, range of IP's , certain ports, the easiest way is to
implement access list on the inside interface, so they would be filtered
before going to the routing engine.
on pixs, do not allow do a deny statement on the conduits
for example
conduit deny tcp any eq www host 10.10.10.1
so I just blocked traffic to the 10.10.10.1 http traffic from any host
on the inside.
I hope that helps
Mohammed
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
