Create Address Range objects to represent your non-local networks and use these in the rules you create. Jim ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew Hodgson [Andrew.Hodgson@xxxxxxxxxx] Sent: Thursday, October 04, 2007 7:02 AM To: isalist Subject: [isalist] ISA Server 2006: Authentication on single-NIC for specific IP addresses Hi. I have just installed ISA Server 2006 with Websense and KAV plug-ins in a single NIC environment (as proxy server only). I have a small problem – HTTP requests go through the proxy and are authenticated ok, but HTTPS requests are showing up as coming from Administrator according to the Websense reports. I would like to enable forced integrated authentication, but I don’t want to do this on the web proxy directly on the internal network, since I have some clients that don’t authenticate (and we don’t want them to authenticate). At present I have just an allow any to any rule, but would like to add a rule above this, that means if traffic comes from specific IP addresses, then the authentication should kick in. I have tried this, but am unable to choose a specific network, since the only networks I can choose are the internal network, which consists of all addresses. Is there any way round this? Thanks. Andrew. -- allpay.net Limited, Fortis et Fides, Whitestone Business Park, Whitestone, Hereford, HR1 3SE. Registered in England No. 02933191. UK VAT Reg. No. 666 9148 88. Telephone: 0870 243 3434, Fax: 0870 243 6041. Website: www.allpay.net<UrlBlockedError.aspx> Email: enquiries@xxxxxxxxxx<UrlBlockedError.aspx> This email, and any files transmitted with it, is confidential and intended solely for the use of the individual or entity to whom it is addressed. If you have received this email in error please notify the allpay.net Information Security Manager at the number above.