In the ISA help under the Firewall client application settings. Here is a snipit on the text: DisablePossible values: 0 or 1. When the value is set to 1, the Firewall service is disabled for the specific client application.NameResolutionPossible values: L or R. By default, dotted decimal notation or Internet domain names are redirected to the ISA Server computer for name resolution and all other names are resolved on the local computer. When the value is set to R, all names are redirected to the ISA Server computer for resolution. When the value is set to L, all names are resolved on the local computer.LocalBindTcpPortsSpecifies a Transmission Control Protocol (TCP) port, list, or range that is bound locally.LocalBindUdpPortsSpecifies a User Datagram Protocol (UDP) port, list, or range that is bound locally.RemoteBindTcpPortsSpecifies a TCP port, list, or range that is bound remotely.RemoteBindUdpPortsSpecifies a UDP port, list, or range that is bound remotely.ServerBindTcpPortsSpecifies a TCP port, list, or range for all ports that should accept more than one connection.ProxyBindIp Specifies an IP address or list that is used when binding with a corresponding port. Use this entry when multiple servers that use the same port need to bind to the same port on different IP addresses on the ISA Server computer. The syntax of the entry is: ProxyBindIp=[port]:[IP address], [port]:[IP address] The port numbers apply to both TCP and UDP ports. KillOldSessionPossible values: 0 or 1. When the value is set to 1, it specifies that, if the ISA Server computer holds a session from an old instance of an application, that session is terminated before the application is granted a new session. This option is useful, for example, if an application crashed or did not close the socket on which it was listening. By closing the old session, ISA Server immediately discovers that the application was terminated and can release the port used by the old session immediately.PersistentPossible values: 0 or 1. When the value is set to 1, a specific server state can be maintained on the ISA Server computer if a service is stopped and restarted and if the server is not responding. The client sends a keep-alive message to the server periodically during an active session. If the server is not responding, the client tries to restore the state of the bound and listening sockets upon server restart.ForceProxyUsed to force a specific ISA Server computer for a specific Winsock application. The syntax of the entry is: ForceProxy=[Tag]:[Entry] where Tag equals i for an IP address or n for a name. Entry equals the address of the name. If the n tag is used, the Firewall service only works over IP.ForceCredentialsUsed when running a Windows NT or Windows 2000 service or server application as a Firewall client application. When the value is set to 1, it forces the use of alternate user authentication credentials that are stored locally on the computer that is running the service. The user credentials are stored on the client computer using the Credtool.exe application that is provided with the Firewall Client software. User credentials must reference a user account that can be authenticated by ISA Server, either local to ISA Server or in a domain trusted by ISA Server. The user account is normally set not to expire; otherwise, user credentials need to be renewed each time the account expires.NameResolutionForLocalHost Possible values are L (default), P, or E. Used to specify how the local (client) computer name is resolved, when the gethostbyname API is called. The LocalHost computer name is resolved by calling the Winsock API function gethostbyname() using the LocalHost string, an empty string, or a NULL string pointer. Winsock applications call gethostbyname(LocalHost) to find their local IP address and send it to an Internet server. When this option is set to L, gethostbyname() returns the IP addresses of the local host computer. When this option is set to P, gethostbyname() returns the IP addresses of the ISA Server computer. When this option is set to E, gethostbyname() returns only the external IP addresses of the ISA Server computer?those IP addresses that are not in the local address table. ControlChannelPossible Values: Wsp.udp (default) or Wsp.tcp. Specifies the type of the control-channel used. p.clebant@xxxxxxxx wrote:http://www.ISAserver.org Hi all, Where can I found a description about each string and value signification (Disable, LocalBindTcpPort, etc...) when I configure Microsoft Firewall Client's properties in ISA Management? Thanks for your help. Patrick ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: frogman1370@xxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') --------------------------------- Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now