I agree with you but what i need is the cisco's "policy". I need only for a few pcs to use the X gateway, others use the Y gateway and the rest use a balance pool Z. Because the proxy has only one ip address the pfsense use, for example, the X gateway instead of the one for which the machine's ip source, which did the request, has to use it.
For example, in my pfsense's settings, the machine A use the X gateway and the machine B use the balance pool Z. But because the proxy is between the machines A, B and the pfense box, both use the same gateway. Obviusly the policy -like who may connect to what site on what port- is set in the proxy. But the choice for which gateway to use is set in the pfsense box. 2009/2/16 RB <[email protected]> > On Mon, Feb 16, 2009 at 07:57, Federico Konig <[email protected]> > wrote: > > Nobody answer? > > It was unclear whether you meant "policy" in the Cisco sense (route > source X via gateway Y) or "policy" in the sense of applying access > policies - like who may connect to what site on what port. Either > way, a firewall that doesn't do "deep packet inspection" (L7 > filtering), cannot distinguish what client issued what request to a > proxy - if there is any policy to be applied, it must be done at the > proxy level and not at the firewall level. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > Commercial support available - https://portal.pfsense.org > >
