12-03-2012 08:12 AM
I need advice on policy writing.
Customer has 50+ small branches, each one RAP.
Whole network is flat and interroutable.
Each branch has unique subnet which looks like this:
192.168.x.1 application server
192.168.x.2 application client
192.168.x.y (other computers not relevant for this problem)
In each branch, client is allowed to talk only to local application server.
I know how to make a policy for each location, but that would mean I have to write 50 unique policies and pair them with 50 AP groups.
Is there a way around it, e.g. wildcard on 3rd octet of IP address?