Hi Andy, From what I can make out from the figure, network Y is behind the same ISA firewall interface as Network X. This means that both networks are part of the same ISA firewall Network. All addresses behind the same ISA firewall interface are part of the same ISA firewall Network. So, you'll need to include all addresses in networks Y and X in the definition of the same ISA firewall network, which in this case I"m guessing is the default Internal Network. HTH, Tom Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls ________________________________ From: Andy Haigh [mailto:ahaigh@xxxxxxxxxxxxxxxx] Sent: Monday, November 21, 2005 5:22 PM To: [ISAserver.org Discussion List] Subject: [isalist] Internal WAN http://www.ISAserver.org I have just upgraded a server to use ISA 2004 and have run into a problem. On the old ISA 2000 server had some static routes configured to other networks which are connected via a router on the internal network, this worked fine. Now that we have installed the ISA 2004 server we are unable to access the other networks due to the stricter rules set now used. I have tried adding a rule to allow the traffic to the other LAN's but think I have confused myself. The network is as below Internet-----------ISA 2004 -------LAN X (172.22.4.0/24)----------Router A--------------WAN------------Router B------------LAN Y (172.22.11.0/24) What would be the best way to set the rules up to allow traffic from LAN Y to the ISA 2004 server. I also have a SBS 2003 site which we are about to upgrade to SP1 which will require this. The SBS box currently is configured as the default gateway for the clients and they have an application which is required to be routed via the clients internal WAN. Thanks Andy ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx