Phil, In order to make sure authentication takes place, you will want to have the 'Ask unauthenticated users for ID' checked. This will make sure nobody can accidentally gain access through anonymous means. As far as I've figured, in order to have digest authentication working, you have to have integrated authentication as well. This may not be the case, however, because Digest auth. is only supposed to work with a 2000 DC, and I'm running on an NT4 DC with a 2k BDC as the ISA. It will work for me when I have integrated + digest, but with just digest, I get the password prompt 3x, then am denied. Note that I always have 'Ask unauthenticated users for ID' checked. I don't know if this will help you, but hopefully it will. Thanks, Phillip -----Original Message----- From: Phil Curtis [mailto:philwcurtisjr@xxxxxxx] Sent: Thursday, August 16, 2001 5:12 PM To: [ISAserver.org Discussion List] Subject: [isalist] Authentication http://www.ISAserver.org This is probably a silly question to most but hey I just don't know... My test bed. Window 2000 Server Domain Controller Sp2 with two firewall clients. Window NT workstation 4.0 sp 6 and Windows 98 SE. My firewall clients are on my private network. When using Digest Authentication w/o "Ask unauthenticated users for identification" checked. I am not prompted for user id on "Outgoing Web Requests" and I can access the web going through my proxy. Once I check "Ask unauthenticated users for identification" and prompted for user ID I enter in administrator id and password, but it won't give me access. It works fine with Basic and Intergrated. For Digest Authentication I do have a domain controller on the local proxy. I don't understand why I am not getting access. Do I have to have "Ask unauthenticated users for identification" checked to use Digest/Basic/Intergrated authen.? Or can I just check those alone and be authenticated. I don't think I am every asked for user authentication w/o "Ask unauthenticated users for identification" checked. Phil Thanks ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: phorn@xxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')