Hi Dan, You bet. And to carry it one step futher, you could add the FTP control channel port to the Protocol Definition and force all FTP connections through the Web proxy :) Tom www.isaserver.org/shinder Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 MVP -- ISA Firewalls -----Original Message----- From: Ball, Dan [mailto:DBall@xxxxxxxxxxx] Sent: Tuesday, April 05, 2005 2:18 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Block Web access for non-Web Proxy clients http://www.ISAserver.org True, you should be able to add that port into the protocol definition created in your instructions also. Glad you pointed that out, forgot about that, all they'd have to do is switch to https (if that site supported it) instead of http and it would go through after all... -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Tuesday, April 05, 2005 13:34 To: [ISAserver.org Discussion List] Subject: [isalist] RE: Block Web access for non-Web Proxy clients http://www.ISAserver.org Hi Roy, The users will still be able to disable the Web proxy settings. They just won't be able to get to any resources requiring outbound access TCP 80, and I assume we can do the same thing with TCP 443, since the same principles apply. Tom www.isaserver.org/shinder Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 MVP -- ISA Firewalls ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx