Mario, VPN isn't what my desired outcome is. :-( When you ask about using web login with OWA, what specifically are you asking? A user is required to log onto OWA through the OWA default page (logon.asp). Is that what you're talking about? If an OWA box is configured with an RSA agent running on it (not ISA-based RSA API), the RSA agent will check to ensure that the user authenticating against OWA is the same that authenticated against RSA. If the users don't match, RSA displays an error page stating such. Our desire is to move this user checking off onto the ISA server. Cordially yours, Jerry G. Young II MCSE (4.0/W2K) Atlanta EES Implementation Team Lead HHS Engineering Unisys 11493 Sunset Hills Rd. Reston, VA 20190 Office: 703-579-2727 Cell: 703-625-1468 THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. ________________________________ From: mjjdejonge@xxxxxxxxxxxxxxxxxxxxxxxx [mailto:mjjdejonge@xxxxxxxxxxxxxxxxxxxxxxxx] Sent: Tuesday, February 28, 2006 11:42 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA 2004 Enterprise Edition RSA-Integration http://www.ISAserver.org Dear Gerald For the OWA solution are you using it with web login? Ore without web login? VPN is supported in RSA with ISA2004. Cheerz Mario ________________________________ Van: Young, Gerald G [mailto:Gerald.Young@xxxxxxxxxx] Verzonden: Tuesday, February 28, 2006 17:26 Aan: [ISAserver.org Discussion List] Onderwerp: [isalist] ISA 2004 Enterprise Edition RSA-Integration http://www.ISAserver.org All, I'm at a bit of an impasse. I have configured an ISA 2004 EE Array to use RSA SecurID for accessing a published OWA site. I can authenticate against the RSA Authentication Manager just fine. The problem comes when the OWA site is passed back to the client; a user different from the one that authenticated against RSA can log onto OWA. Does ISA 2004 EE only support a VPN-like logon (authenticate against RSA for access to the network) for RSA? Or is there a way to have the ISA Array ensure that "two-factor" authentication is followed without putting an RSA agent on it? Cordially yours, Jerry G. Young II MCSE (4.0/W2K) Atlanta EES Implementation Team Lead HHS Engineering Unisys 11493 Sunset Hills Rd. Reston, VA 20190 Office: 703-579-2727 Cell: 703-625-1468 THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: mjjdejonge@xxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: gerald.young@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx