Greetings I am a newbie to ISA. We recently upgraded ISA2000 to ISA2004 (imported ISA2000 configs) and since the upgrade, the remote internal networks aren't able to access any of the local internal (headoffice) network resources (eg. mailserver on port25) nor external resources. The ISA 2004 server is the default gateway for all 'local network' Windows servers and clients. The remote networks are connected via routers to the head office. When I add a static route on a 'local windows server' for one of the remote networks to point directly to the router linking to the remote net (ie bypassing the ISA server for that remote net; not using ISA as default GW for that remote net), then connectivity works fine. Otherwise ISA server monitoring reports denied connections from the Windows server to the remote network source port (>1024). My ISA 'internal' network config includes all networks, local and remote. Full access is allowed from internal to internal. All client computers are still using the ISA2000 firewall client. What are we doing wrong? Internal Network Config: remoteoffice1 --> headoffice local network <-- remoteoffice2 HeadOffice is connected to the internet. The remote offices use the internet connection at the head office to access external resources. Your response/s will be appreciated. Regards -------------------- Luq A