Hi Gillian, The account is configured on the upstream and the downstream send credentials to the upstream. I don't see how creating different accounts would be more secure, but you could create two accounts such as ISA1 and ISA2 and that might make reporting and troubleshooting a little easier. HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Gillian Cook [mailto:gcook@xxxxxxx] Sent: Tuesday, June 24, 2003 1:39 PM To: [ISAserver.org Discussion List] Subject: [isalist] B2B DMZ Redundant internal ISA server http://www.ISAserver.org Question, What is the recommended setup in a redundant internal ISA server in a B2B DMZ configuration. EXT ISA DMZ INT ISA1 INT ISA2 My main question is this: Should I use the same account for the upstream firewall and web routing rule on both of the internal ISA servers to connect to the upstream (external) isa server? Or use a separate, different account. Are there pro's and con's in each config? We would use round robin DNS for accessing the internal clients to the internal ISA servers (config in IE and in Firewall Client). Therefore, if one ISA server went down, internal users would still be able to connect to the other internal ISA and get outbound to Internet. TIA, Gillian ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')