I'm forwarding this for a friend -- I'm afraid I have not much in the way of ideas to help him and we're getting increasingly frustrated trying to solve these issues. Most notably the PC Anywhere issue stands out -- he has the PC Anywhere remote client behind an ISA box, the PC Anywhere Host is out in the world and accessible if he DOESN'T go thru the ISA host, but for some reason we've had no success getting PC Anywhere remote thru the ISA box. If it matters he has ISA running on a new Win2K3 server. Any thoughts? -Ben- Ben M. Schorr Director of Information Services Damon Key Leong Kupchak Hastert http://www.hawaiilawyer.com <http://www.hawaiilawyer.com/> _____ Sent: Friday, August 08, 2003 10:40 To: Ben Schorr Subject: ISA Server Took it down again last night. It appears as though virtually no configuration changes I make have any effect. There must have be a crucial step in the setup I failed to take. It reminds me of NT Server where the novice might believe it was up and running, but underneath the configuration was all screwed up. Here's what happens: PCAnywhere: ISAserver.org's instructions are really for having the host behind ISA, I have the remote behind ISA and the host in San Jose. Regardless, the instructions have no effect. Microsoft has a Knowledge Base article on the host being on the ISA Server. This is not the case either, nor do their instructions work. KB Art. 295667 is the one that should apply, but their suggestion to create an "Allow All" protocol rule still does not work. Publishing Web Server: Looks straight forward, help files followed to the letter. Web server still blocked to the outside. Site & Content Rules: Have no effect on inbound traffic. Sometimes work on redirecting users from a forbidden site, but not always. Works more reliably with IP's rather than URL's. Something strange. When a blocked URL (re-directed) by the rules is opened in IE (that is, the rule isn't working), I put the IP, vice the URL in IE and, the rule will begin to work. After I have done that, the URL, put in IE, will from then on be blocked per the rule. Mail Server and SMTP: Properly routes mail to the SMTP server but applies absolutely no filtering. Inundated with spam while on ISA server. I saw in a book at borders that the SMTP server should be configured to relay through the ISA Server. Tried that. SMTP server (IIS) on ISA Server machine rejected relays. Changed to accept relays from SMTP server. Then it stored but would not forward any outgoing mail. This should affect the filter only on outgoing mail anyway, which is far less important to me. So we are back on the router. Need to bootstrap configure ISA Server, and perhaps Win 2003 Server, I'm afraid.