Hello all, I have a setup as follows: Internet ISA 1 DMZ ISA2 LAN My problem is that I want to allow a machine in the DMZ to authenticate to domain controller on the LAN. I have setup packet filters and protocol rules allowing the following: 1. Any RPC server 2. NetBios 3. LDAP 4. kerberos I have published the DNS servers to the DMZ as I am having the DMZ use my internal DNS servers. After all of this I am still getting netlogon failure. Figured I would try and get some help before I turn my ISAs into total swiss cheese. Just can't think of anything else to open up and feel like perhaps I have opened too much already. Thanks in advance for any help provided. Steve