Hi Nassit Firstly, what is LS? Secondly, the entire answer to this question relies upon one simple fact: Even though you have 2 Local Area Networks (LAN's), do they both participate in the same Windows 2000 Forest (and thus share the Active Directory & Global Catalog)? If the 2 LAN's are in the same windows 2000 Forest, then "User Y" on LAN2 will make a request to the ISA Server, the ISA Server will then forward the authentication credentials to a Domain Controller in the same domain as the ISA Server, if the credentials are valid, then access will be granted. Does this provide any answers for you? Or did I misunderstand your question? Cheers William R. -----Original Message----- From: NASSIT NAJAT [mailto:n.nassit@xxxxxxxxxxxxx] Sent: 19 December 2002 16:17 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Help? http://www.ISAserver.org Hi William, I think that my question wasn't too clear. So the question is : Our LAN1 is connected to on other network (LAN2) through an ISA Server: ( LAN1-- ISA SERVER ====== LS ======== LAN2 -- "User Y"). We want to allow User Y to connect to LAN1 but with authentication (username and password). Is it possible? Thanks again. -----Message d'origine----- De : William Robertson [mailto:william.robertson@xxxxxxxxx] Envoyé : jeudi 19 décembre 2002 12:28 À : [ISAserver.org Discussion List] Objet : [isalist] RE: Help? http://www.ISAserver.org Hi Nassit I presume you mean: Is there a way to be authenticated on ISA Server by Username and Password instead of by IP Address? The short answer is YES!!!! But you need to provide us with more information... If you are using a normal Internet Explorer WEB Browser and you wish to authenticate with Username and Password for normal Internet Surfing, then simply setup the Internet Options, Connections, LAN Settings to make use of the ISA Server as a WEB Proxy. If you want to allow 3rd party applications to be authenticated by Username and Password (E.g. Windows Messenger, ICQ etc etc), then you will need to install the Firewall Client on each workstation. You can install this by running \\servername\mspclnt\setup.exe Once installed, the most common applications should work automatically. Once you really start playing with some funny applications (like I have on my site) then you will have to find out more about how the application tries to connect (through which TCP Ports, to which destinations etc), and then you will have to create a Protocol Rule and a Site&Content Rule to allow the traffic for the specific Username/Group. Cheers William R. -----Original Message----- From: NASSIT NAJAT [mailto:n.nassit@xxxxxxxxxxxxx] Sent: 19 December 2002 14:21 PM To: [ISAserver.org Discussion List] Subject: [isalist] Help? http://www.ISAserver.org Hi all, I have just received a welcome message so i'm a beginner here :-) the thing i wanted to know is that if it's possible to connect to ISA by a login and password instead of an IP adress. Thanks in advance List Sponsored by Aspelle Aspelle's Microsoft-centric, Aspelle Everywhere, leverages ISA server and the Internet to quickly and cost-effectively manage and deliver secure, client-less access to all corporate applications (Web, Unix, Windows and legacy systems), for all users. More info at http://www.aspelle.com/info ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: robertson.william@xxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') List Sponsored by Aspelle Aspelle's Microsoft-centric, Aspelle Everywhere, leverages ISA server and the Internet to quickly and cost-effectively manage and deliver secure, client-less access to all corporate applications (Web, Unix, Windows and legacy systems), for all users. More info at http://www.aspelle.com/info ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: n.nassit@xxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') List Sponsored by Aspelle Aspelle's Microsoft-centric, Aspelle Everywhere, leverages ISA server and the Internet to quickly and cost-effectively manage and deliver secure, client-less access to all corporate applications (Web, Unix, Windows and legacy systems), for all users. More info at http://www.aspelle.com/info ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: robertson.william@xxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')