Hi Stu, Don't force authenticaton on any listener. Authenticate ONLY at the Web site. HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Stuart Pittwood [mailto:SPittwood@xxxxxxxxxxxxxxxxx] Sent: Thursday, March 13, 2003 3:51 AM To: [ISAserver.org Discussion List] Subject: [isalist] Publishing OWA http://www.ISAserver.org Hi all, We have a back to back DMZ using two ISA Servers & an Exchange 2000 server on the internal network (behind the interior firewall). I want to publish this servers OWA out to users on the internet. I have published OWA on the external firewall to an address on the internet firewall and then the dmz address of the internal firewall to the actual OWA exchange server. If I try to access owa from a PC inside the DMZ it works, if I try to do this from the internet I get a 403 error (access denied) I guess this is down to the security on the listener. Bearing in mind that the external firewall is not a member of the domain and does not have access to any user account info in active directory what should I set this listener to? Can I set this listener to anon if so how? Thanks Stu ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')