W2k/SP2, ISA/SP1 running in integrated mode. I'm on dialup with dedicated IP, public web and email presence, and have a mail server inside the network that points to ISA as a firewall client (secure NAT). The ISA server will terminate the firewall session with this machine after a telephone disconnect and re-dial (happens frequently, but that's the breaks out here in rural America where there is no broadband alternative.) Sometimes the session will reactivate itself, but not very often. The intermittancy makes it tough to debug. When the firewall session is working, email flows great. When the session drops, no email. The way I check on the presense of the connection is under Monitoring/Sessions in the ISA MMC, where it shows Session Type (Firewall Session), User Name (blank), Client Computer (mail server's internal IP), Client Address (mail server's internal IP), and Activation (date/time of connection startup). When the connection is gone, there is no such entry. This occurred with Exchange 2000 as the mail server and I couldn't fix the problem. I switched the email services to a linux machine running sendmail and the problem occurs less frequently, but it occurs enough that my email delivery isn't reliable. I know how to monitor services and get them restarted as necessary, but I don't know what I can do to monitor for the presence of a firewall connection. It isn't a service, so what the heck do I look for? You could do this in *nix with a chron or other script, but I don't know how to do it in the Windows world. I desperately need to get this solved and would appreciate any help anyone might have. Thank you. Brad Alpert MCSE/NT4 & W2k Compaq MASE Expert marksman and a darned good cook