I really thought this was going to be a stroll in the park compared to the other stuff I had to do for ISA but I guess not. First off I really liked the idea of the tri-homed setup for the DMZ. It was economical and configuration would be kept to a minimum. Anyways, I set up the DMZ just liked tom said in his tutorial. I used 2 public ip's which are on the same subnet as the default external ip address of ISA. So you could say that all the public IP's are on the same subnet 255.255.255.192. Speaking of economical I first set up the DMZ using a crossover cable from the ISA to the web server. The funny thing was I couldn't ping ISA from the webserver. So at first I doubted myself and the configuration of the crossover cable. So I decided to remove the cable and replace it with 10/100 hub and guess what I still couldn't ping the DMZ nic from the Web Server. I can ping the DMZ nic from my internal network and ISA itself but when I try form the webserver I get a request timed out. Just to double check I asked the ISP to try and ping the DMZ ip and they couldn't do it. I know it is not a hardware failure because all of the stuff that I'm using now was working before. I added all the ICMP packet filters possible for the DMZ nic and the webserver nic. I also added DNS and Http packet filters for the DMZ and the Web server. I also tried surfing from the web server but no luck it just seems like the DMZ nic does not want to route inbound or outbound packets. And yes IP routing and Packet filtering are enabled. Does anyone out there have a clue. I would really appreciate it since I just went through round 3 with OWA and finally got it working again.