Hello all!!! I have configured the following scenario: I have two ISA servers in the configuration back to back, let's name them the internal and the external ISA Servers. I configured a DMZ using private network address. The subnet of the DMZ is 192.168.9.0 mask 255.255.255.0. The internal ISA server serves as the bridge between the DMZ and the internal corporate network. The subnet used in the internal corporate network is 192.168.10.0 mask 255.255.255.0. The addresses of the internal ISA Server are 192.168.9.34 for the DMZ subnet and 192.168.10.34 for the internal corporate network subnet. I have installed a SMTP server in the DMZ subnet, the address for this server is 192.168.9.10. Here is my problem: I need that the internal corporate network users access the SMTP server located in the DMZ. For this use, I configured a protocol rule allowing my internal users to connect to a SMTP service through the internal ISA Server, but this doesn't work. I'm unable to made a telnet session to the port 25 (SMTP port) in the SMTP server (192.168.9.10), I'm actually receiving the error: "Session disconnected from the host", and the same happen when I'm trying to connect using a SMTP client program like Outlook. The funny thing is that http works great, without any problem. I try some other protocols, like telnet and they don't seem to work in the DMZ. In few words, the protocols rules aren't functioning in the DMZ subnet. Does anybody has an idea of the problem???, I'm configuring all the internal corporate clients as SecureNAT clients, maybe I have to upgrade to firewall clients??? Any help would be apreciated!!! Thank you in advance Ing. Marco Antonio Castillo Chief Design Engineer Van Der Kaaden IT Consulting Guatemala, Guatemala C.A.