My appologies to the moderator, I posted from the wrong address. (please delete that message or ignore) Anyone familiar with netscreen firewalls. I have one to do some configuring on and un familiar. I'm wanting to do things like adding a rule and updating ACLs for specific ip / port combinations. I'm somewhat familiar with pix and very familiar with Cisco ACL expressions but this environment baffles me. I'd be open to a good pointer for beginner reading. or if someone's skilled in this but out of work I'd pay some cheese off list for your time for a primer. ( Cisco Pix as well) I'll probably have a fairly steady flow. I'm a carrier guy very solid on things like BGP and traffic engineering and I'm working for a company that's heavy on layer 2 and simple IP. The main issue is the people before me were extremely unskilled and left no documentation. I'm doing cool things now in the switching fabrick (802-1W + vrrp+ a logical VLAN design) but the firewalls baffle me because they aren't IOS. (I wish I could just do the whole thing around /24s or shorter and OSPF for loops only ; ) let bgp do the rest) Anyway I'm up for an on list discussion of Juniper Net Screen or contact me off list. I'm also up for a data exchange of pix / net screen for complex backbone traffic engineering including PFR if anyone needs it. Thanks Scott