If you´re using Firewall client, it must work with Integrated Authentication and Integrated Aut. only, period. I wouldn´t want my password unsecurely taking a tour around the network. If your using Firewall client there are two "things" to consider: 1. In ISA Management, application filters, there´s one filter called: "HTTP redirector filter". If you verify it´s properties you´ll see that it redirects your firewall requests to web proxy requests cancelling your authentication. This way applications won´t pass through ISA. Set if for "Send to requested Web server". 2. There´s a BUG in the Firewall client application. You munst uncheck "Automatically detect ISA Server", in the Firewall Client configuration. After doing this settings, you´ll see that a small green ball with a white point in it will appear on the Firewall client ICON. Hope this will help.