[c-nsp] dual cbac

[Kevin Graham]

> The idea is to have one router and internet connection for two companys 
> and to have full controll about the communication between the two 
> companys (acl to-company1 and to-company2). 

There's no graceful way to do this w/ legacy CBAC. Instead, consider the
Zone-Based Policy Firewall. I think ZPF will handle what you want very
nicely -- design guide is at:

 http://www.cisco.com/en/US/products/ps6350/products_feature_guide09186a008072c6e3.html