Hello, Well I was able to find the really informative article on 'Enabling the ISA Server 2004 VPN' on isaserver.org. Thanks for this and many other great articles. I saw that in the article you have the "Allow - All outbound protocols" also. This makes me feel more confident about my setup. I was worried about giving remote VPN clients access to protocols they dont need to help against worms and viruses useing odd protocols and ports. I guess it was the same thought process as giving internal clients only access to HTTP and FTP exnternally instead of having an allow out rule. I guess ISA 2004 will securely contain the VPN client? What are your opinions on this subject? Thanks! Paul