I've got a problem with a new ISA server setup. ISA is only installed for it's firewall capabilities and it's loging. The server is a DC and a web server (we have limited resources). It has 2 default gateways: one that goes to the internet and one that goes to our internal network router. The problem I'm having is that anytime I try accessing the server (via WWW) from the internet, I get an event in the App. Log that says it detected a spoof attack, and nothing loads. If I remove the internal gateway, it works fine. Anyone have any ideas aside from entering static routes (since there are about 100 of them)? I've already tried making the metric of the internal gateway 2 instead of 1, and it still don't work. Thanks, --Brian