Ask if they use source-IP to validate the user connection. Many banking sites still do this, even though it's invalid. Because the connection uses an SSL tunnel through ISA, all ISA knows is that the connection is made & broken. You'll have to work with them live to sort this out. From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Chris Addicks Sent: Tuesday, August 07, 2007 11:23 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Anyone with experience getting F5 Network's Firepass to work through ISA 2004 I have internal clients that need to access the state of Georgia's secure site via a SSL-VPN. The state has chosen to use F5 Network's Firepass product to create a SSL-VPN. The tunnel seems to be created OK, but communications with the host via the tunnel is very inconsistent. I have been trying to work with the state's support personnel and they have tried to help, but so far we have had very poor results. At this point, I don't know if the problem is on their end or mine. I created a rule allowing HTTP and HTTPS from my internal network to their specific hosts, with all users allowed. The logs indicate the tunnel is established, but it is closed almost immediately. I have attached a sample of the log, all this activity is from a single internal client computer trying to establish and use the SSL-VPN. Anyone else working with Firepass and having success? Chris All mail to and from this domain is GFI-scanned.