On 10/4/05, Thomas W Shinder <tshinder@xxxxxxxxxxx> wrote: > Hi Danny, > > What I would do it put a caching only DNS server on the ISA firewall and > allow it to perform recursion. Then use that as a forwarder for the > internal DNS servers. If you don't want to do that, then commission a > DNS server that is not your Active Directory DNS server (dedicated, that > is) and use that as a forwarder. > > Then create Access Rules allowing the required DNS traffic from the > specific hosts requiring that access. Good thinking. Thank you! ...D