Easy. Make all you rules user or group -specific (DON'T use "Everyone"!). This way, ISA will block any request that can't be authenticated. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! -----Original Message----- From: MS-Khan [mailto:mobassir_sattar@xxxxxxxxx] Sent: Thursday, December 02, 2004 5:15 AM To: [ISAserver.org Discussion List] Subject: [isalist] How to block clienst who r using ISA Server ip As thier gatway http://www.ISAserver.org hello i am using ISa Server for internet access, and created some rule for internet access different for difirent users on IP . All rule working fine. Normaly i am using ISA Firewall Client on all clients. No gatway on client. but i have some power users they r using internet without permission. what they do for internet. 1- They just disable Firewall clint. 2- Remove proxy setting for Browser. 3- Using Server Ip As thier gatway. Aftre that they can use internet from any static IP they r using, even that ip is in the block rule . And he was blocked with same Ip when the firewall client and Proxy setting were enable and no gatway. I need to know what i am missing to block these kind of users. Waiting for quick and positive reply regards ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned.