if I have 2 rules allowing http traffic and one is allowing only a client set and the other is only allowing an nt group of users, in what order do they get applied? I want the ip range of computers to be allowed to browse without getting prompted for authentication from the rule allowing only the members of an nt group . . .