Using ISA server with latest updates on native Win2K sp2 environment. I am setting up Exchange 2k with 2 nic cards, one for our internal network and one on the perimiter network. My ISA server has 3 nic cards, one for internal, one external and one for a permiter network. I have a remote office that has a cable connection with an ISP and rather than spend the money for a dedicate link or a vpn device, the boss wants the remote office to be able to utilize the cable connection and have the choice of using either pop3 or OWA. Because I'm new to the firewall and security scene I'm wondering what everyone's feelings are on how I have my exchange server setup with the dual nics. Does this really buy me any security? Logic would tell me that if I'm going to have a box on a permiter network then I should only have one nic in that box and all traffic, both from the outside and inside destined for that box should be routed through the ISA server. If this is the case, then how do I allow traffic such as AD replication/synchronization and user mailbox authentication traffic to pass through the ISA server to my exchange server? This is the only exchange server in my domain. Thank You, Casey Friese