Okay. Try this: Local Security Policy in Admin Tools Right click on IP Security Policies on Local Machine Create IP Security Policy Do NOT Activate the default response rule (Default security rule should be unchecked) ADD a new Security Rule Modify the Tunnel Endpoint, the Network Type, and the Authentication Method as you require In the IP Filter list, select and edit "All IP Traffic" Edit the IP Filter List: For Source address, choose "A specific IP address" and specify the internal IP address For Destination address, choose "A specific IP Subnet" and specify the internal subnet. Check "Mirrored." Save those settings, and then select the Filter action you want. Though that IPSec policy will still apply to both network cards, it should not effect external traffic. (I think). ----- Original Message ----- From: Brewer, Lewis To: [ISAserver.org Discussion List] Sent: Tuesday, October 01, 2002 9:18 AM Subject: [isalist] Re: ISA and IPSEC Based internal Network http://www.ISAserver.org I would but that setting is for all Network cards not just the one card you opened. Lewis Brewer -----Original Message----- From: Jay [mailto:jschwarzkopf@xxxxxxxxxx] Sent: Monday, 30 September, 2002 17:19 To: [ISAserver.org Discussion List] Subject: [isalist] Re: ISA and IPSEC Based internal Network http://www.ISAserver.org Properties of the external network connection. Properties of TCPIP Advanced button Options Tab Properties of IP Security Select "Do Not use IPSEC" ----- Original Message ----- From: Brewer, Lewis To: [ISAserver.org Discussion List] Sent: Monday, September 30, 2002 3:49 PM Subject: [isalist] Re: ISA and IPSEC Based internal Network http://www.ISAserver.org Ah there is the key how do you bind it to one network card but not the other I have yet to see an option to choose which network card it binds to. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jschwarzkopf@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')