Read the ISA help regarding publishing rules; that's how you allow external connections to internal resources. Jim Harrison MCP(NT4, 2K), A+, Network+, PCG http://isaserver.org/authors/harrison/ Read the book! ----- Original Message ----- From: "misiek" <mgo@xxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Wednesday, December 12, 2001 13:08 Subject: [isalist] ISA and Special Ports of NAT http://www.ISAserver.org I've got a server with two interfaces EXTernal (192.168.1.10 - network 192.168.1.0 mask 24 bit) and INTernal (10.10.10.10 - network 10.10.10.0 mask 24 bit). I've enabled RRAS NAT on this interfaces and add a pool of external adresses 192.168.1.11 mask 255.255.255.252 so there is 2 hosts - 192.168.1.11 and 192.168.1.12. After that I've added SPECIAL PORT 23 (telnet) that translated internal host IP 10.10.10.20 to the external IP 192.168.1.11. After that everything worked fine and I was able to telnet from Internet to host 10.10.10.20. But after that I've install ISA SERVER i integrated mode. I've create a PROTOCOL RULE that allow ALL protocols and I've configured IP Packet Filter (configure packet filtering and Intrusion detection option) to: enable packet filtering, enable intrusion detection, enable IP routing and so on.... Next I've create PACKET FILTER rule that allows ALL IP protocols in BOTH direction. And after that I can't no longer telnet from Internet to the internal host 10.10.10.20. WHY ???? What Am I doing wrong ???? please HELP ! ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')