Good day folks I am new to ISA server but from what I see it is quite flexible. Here is my problem: I have a LAN which provides file and application access to the majority of the users. However, there are several IP services which are provided to specialised users, for example: TELNET Access to a computer on a different network. Currently, users may access various networks through the software router. There is no security preventing users from accessing these remote networks. Static routes are configured the ISA computer which is the clients' gateway computer. The only security is the ignorance of the far end IP address (which is bad). Is it possible for ISA to block routes to particular networks based on Active Directory groups? Thanks for your assistance Justin Nedd MCP.