> Not to clear on the filters > > 1) you create an ip filter. Protocal of 0 is for everything Protocol 0 is indeed for everything. > 2) assign it as a data filter in the ethernet-> answer section > > If my filter is 10-504, the the filter is 504. Actually it's 4. The filter numbers are always yyy mod 100 if the filter's ID is xx-yyy. Secure access firewalls are (bbb mod 100) + 100 if the firewall's ID is aa-bbb. > Any sugguestion appreciated. Need to block out rfc1918 packets. On input, I guess? (you want to treat them as martians) In filter 01... Type=IP Forward=No IP..Source Mask=255.0.0.0 IP..Source Addr=10.0.0.0 In filter 02... Type=IP Forward=No IP..Source Mask=255.240.0.0 IP..Source Addr=172.16.0.0 In filter 03... Type=IP Forward=No IP..Source Mask=255.255.0.0 IP..Source Addr=192.168.0.0 In filter 04... Type=Whatever Forward=Yes -Phil ++ Ascend Users Mailing List ++ To unsubscribe: send unsubscribe to ascend-users-request at bungi.com To get FAQ'd: <http://www.nealis.net/ascend/faq>