Hi all, I have a somewhat complex setup consisting of two Internet connections: an MLPPP connection w/ 2 T1s to ISP1, and a single T1 to another provider (ISP2). I have created a loopback interface for my ISP1 public IP block (/26). (Long story, but that's the way it's gotta be.) There is a single Ethernet connection to the LAN. ISP2's address space (/27) is applied on the serial interface at which the T1 connects.

    ISP2          ISP1
     |             |
     |           /30x2
     |            Mu1
     |             |
    S0 /27      Lo0 /26
        \        /
         eth0 /24

My question is this: I have the IOS firewall feature set, and I want to put ACLs on my two external links, but I'm not sure which interface (Multilink1 or Loopback0) to apply the ACLs and INSPECT policies to for ISP1. Also, if it is to be applied to the Loopback, in which direction? It seems like if I apply it inbound, then it will see all traffic as inbound, regardless of the source (LAN/Multilink).
Thanks for your help.