Question ? what is the logical authentication path when a client access a VPN server over the internet? Does the client connect to ISA ? get authenticated then proceed to the VPN server or does the client connect to the VPN server which passes the authentication to and back from the ISA server? Dumb question ? I suppose so ? but thanks!