I have searched the list, but have not seen this problem brought up yet. So I could use your expert advise. I have a client where we have successfully implemented ISA server for Exchange publishing and web publishing. We are now attempting to implement site blocking. When we activate the policies, the sites are blocked properly; however, a web site hosted behind the ISA server stops saving session variables. The result is that a user who enters a proper name/password combination and has a session variable set to indicate a proper login is returned to the login page when they attempt to enter the site because the next page visited sees the variable as not set. Deactivate the site blocking and the hosted site starts working as expected. The client is using IIS and ASP on the site. Any insight in to this weird problem would be greatly appreciated. Daniel Williams, CCNA Network Engineer CLC IT Solutions Network Consulting, Internet and Software Development mailto: daniel@xxxxxxxxx direct line: (865) 692-0132 fax:(865) 692-0144 Check Out our new website at: www.clcit.com