Hi Sean, Its hard to tell what this application wants. However, it sounds like it sends outbound packets to TCP 443 and the responses are to 1214 and 1215. If that is so, then you'll need to become a master of the mspclnt.ini file, as this application isn't "firewall friendly". Think about it. The remote server accepts requests on its TCP 443 listener. It expects that the client will be able to receive responses on its 1214 and 1215 ports. The problem is, how do you let the firewall know that this is required? The firewall isn't a mind reader and has no built in knowledge of this protocol. Therefore, you have to have a mechanism that allows the firewall to be aware of the application protocols. You have three choices: 1. Hone your C++ skills and create an application filter 2. Install the firewall client on the machines that need to use this app, and burn the midnight out and figure out how to configure the mspclnt.ini file to support your app 3. Inform the devs of the application that firewalls are now all the rage and they might consider that fact when creating network applications ;-) HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Sean Rector [mailto:srector@xxxxxxxxxxxxxxxx] Sent: Thursday, August 21, 2003 8:07 AM To: [ISAserver.org Discussion List] Subject: [isalist] Custom App doing port redirection... http://www.ISAserver.org Hello My 1st post. I have a customer who is running SBS2000, and has ISA enabled. They have a custom application that looks like a printer to their local computer, but it is actually sending a form via email. The local ports are 1214 and 1215, and the remote port is 443 (according to one of the app's tech support people, who got this information by running it on his home computer, and Norton Internet Security reported it as such). I've set up two Protocol Filters allowing 1214 and 1215 to redirect to 443, but the error is as follows: "Access Denied. The proxy server needs authentication. The handle is in the wrong state for the requested operation." The application is called MortgageMail by EllieMae, and works with their "The Loan Handler" and "The Loan Closer" applications. Any help would be greatly appreciated. Sean ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')