Yes, eToken supports EAP. But I think I might need to authenticate via a custom Radius policy to get it to work "http://www.aladdin.com/support/default.asp?selectproduct=et"; FYI- eToken is a great technology. It is really starting to get popular. It is a USB Smart Card for MS PKI Certificates. Its nice because it doesn't require a card reader. I am really hoping to setup my ISA Server 2004 so my users can logon to the VPN using their eTokens and use L2TP (to get the CISCO zealots off my back). I work for a non-profit Organ and Tissue Procuement Agency. Although we are a two person IT department, HIPAA and the FDA give us no slack in terms of security. What will I be missing if I install ISA 2004 as a stand alone and use IAS for RADIUS authentication?