Hi Alex, The default packet filter for TCP 80 won't work if you're wanting to pass packets to a public address DMZ host. You'll have to create them manually. HTH, Tom Thomas W Shinder www.isaserver.org/shinder <http://www.isaserver.org/shinder> -----Original Message----- From: Alex Decarli [mailto:decarli@xxxxxxxxxxxxx] Sent: Thursday, September 26, 2002 8:46 AM To: [ISAserver.org Discussion List] Subject: [isalist] DMZ - The Hell http://www.ISAserver.org Hi all, Again, I come to list to find help to implement DMZ. I read "DMZ Scenarios" on isaserver. rg and "HOW To: Publish Web Server in Perimeter Network - q313562". ALL RECOMENDATIONS ARE APLLIED. My problem is: I can't to connect my webserver on DMZ from internet. But, i can connect my webserver from internal network and ISA Computer (the connections has proxy configured, either). My Scenario is: =========== [ ISP ROUTER ] -------------------------------- ** ISA External NIC ** (subnet1 e subnet2) Defaut gateway is router subnet 1 | | ISA SERVER ------------------------------------------------------------------------ ------------------------------------ [ INTERNAL NETWORK] | LAT: 10.1.1.x | ** ISA DMZ NIC ** IP Public (subnet2) Diferent Subnet of ISA External NIC No Defaut Gateway | | | | | [ WEB SERVER ] IP Public (subnet 2) Defaut gateway is ISA DMZ NIC I've configured a "IP Packet Filters Rule" called "Allow webserver on DMZ" , IP routing and IP Packet filters are enabled, with pre-defined HTTP 80 Port , applied to IP address of webserver. exactly q313562 My ISA Server is Standalone Server, SP1, Windows is Server Standard, SP3, no more. Any help is apprecied ! Alex Decarli. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')