Why would you create a rule on ISA to allow protocols which would be travelling over a vpn?? ISA cannot inspect outgoing VPN traffic??? Have you allowed pptp etc from the internal host to the GS ipaddress? S From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Chris Addicks Sent: Tuesday, August 07, 2007 3:23 PM To: ISA Mailing List Subject: [isalist] Anyone with experience getting F5 Network's Firepass to work through ISA 2004 I have internal clients that need to access the state of Georgia's secure site via a SSL-VPN. The state has chosen to use F5 Network's Firepass product to create a SSL-VPN. The tunnel seems to be created OK, but communications with the host via the tunnel is very inconsistent. I have been trying to work with the state's support personnel and they have tried to help, but so far we have had very poor results. At this point, I don't know if the problem is on their end or mine. I created a rule allowing HTTP and HTTPS from my internal network to their specific hosts, with all users allowed. The logs indicate the tunnel is established, but it is closed almost immediately. I have attached a sample of the log, all this activity is from a single internal client computer trying to establish and use the SSL-VPN. Anyone else working with Firepass and having success? Chris