Hi Everybody, We have just bought a Zywall 70 firewall for our company. We have a network layout as follows: Internet->Zywall70->ISA2004->Internal network For some reasons we want the ISA2004 server to be the VPN server for our braches, though the Zywall is capable of it too. We have tried to get Zywall70 to pass through VPN connections. These steps we made: -deleted all VPN Rules on Zywall -created port forwarding rules for ports 500, 4500, 1701 to the External IP address of ISA2004 -created WAN2LAN firewall rule from any source to ISA2004 external IP address for ports IKE(UDP:500), TCP/UDP:4500, TCP/UDP:1701 -created WAN2WAN/ZYWALL firewall rule from any source to our public external IP address for ports IKE(UDP:500), TCP/UDP:4500, TCP/UDP:1701 That's all we could get from Internet mailing lists and other sources. Could you please help us to configure the Zywall 70 equipment for us to be able to create VPN connections to our ISA2004 server? Thank you in advance, Zsolt Aranyi