Hi, Looking for some advice / suggestions on a botched server setup I've inheritted. (The prior system admin left rather hurriedly with a boot up his bum last friday night) The whole system, including the physical setup, is a prime example of 'how not to set up a system'. The system will allow for new users to be created but dows not allow for these to be granted inbound VPN access into the network. This situation has been in place for several weeks, and management finally got feed up, and got rid of the cause of the problem when they found out he did not have any MCSE quals as he claimed 12 months ago on his job application. To make the situation worst there is absolutly NO documentation what so ever, they can't find the media for the software that has been installed on the servers nor the intall keys for windows server 2003. The company concerned is also in the delivery phase of a multi million dollar contract which will run till April / May this year. They can not allow any down time not even 1 hour on a Sunday, which makes the situation difficult to say the least. So any fiddling with the setup is really walking on ice stuff. They are wanting to add new users as the delivery phase ramps up, but the new users are not able to VPN in from external to read e-mail / access files on the server etc. When the user attempts a connect, on the first attempt they receive a 'The remote computer did not respond' error, on the second and subsequent attempts they get 'The user does not have dial in access' which they do. From what I can gather, it seems the ex sys admin installed Windows server Sp1, between christmas and new year, and thats when everything started to turn sour. The setup: There are 5 servers in the network All server are running Active directory and all are set as global catalog servers. Server 1. Configured as a firewall Windows server 2003 Standard + SP1 ISA server 2004 Standard + SP1 + RPC hot fix Dual nic'ed, published exchange for incoming / outgoing e-mail VPN server for inbound connections When you start the ISA management console, it gives a series of errors 'unable to send the command to the program' and then MMC fails. This is going to be a bugger, as I am quite confidant that the set up of the rules on the ISA server are a mess, but I can't even see what they are, as the MMC is crashing when I try to acess it. As far as I can see so far on the servers there is not even a backup of the ISA config in a file. Server 2 Configured as a file / print server. Windows server 2003 Standard + SP1 Server 3 Exchange server Window server 2003 Standard + SP1 Exchange server 2003 + sp2 Server 4 and 5 File servers doing on line copies from the other print file server at midnight. Windows server 2003 + Sp1 The Active directory users and computers MMC on the exchange server is used to manage existing users / create new users as it is the only one with the exchange extensions. Inbound / outbound e-mail is flowing fine with no obvious issues. File access to the file server works fine, for existing users both throught VPN and locally, new users can only access via VPN. Inbound VPN works fine for users who were defined in the system prior to SP1 being installed. Any user created since, works OK internally for computer on the internal LAN with exchange etc, but are not able to connect from externally using VPN. Outlook web access is not working externally, but is working internally. As I can get at the config on the ISA server, I don't know if the publishing rules are in place. Any suggestions on firstly how to get at the firewall rule set, that not likely to bring the house down around me ? Any suggestions on how to get new users working on VPN, again with out breaking anything.