Thanks for the suggestion on the MTU and ICMP. I was able to modify these settings on the Sonicwall and now they are able to access https websites. Actually the MTU size was too large. I reduced it from 1500 to 1494 and selected to have it fragment anything larger than that. It works. Amy -----Original Message----- From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] Sent: Tuesday, September 16, 2003 2:55 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: OT: NOT Sonicwall Issue http://www.ISAserver.org > I've read the article but it doesn't explain why I can get to the https > sites by taking the firewall out of the picture. Sorry, my last post my come across a little to harsh. You might have a small MTU size set on the Sonicwall. This can affect it. You might have allow fragmented packets set on the Sonicwall. This can effect it. You might have Ignore Do Not Fragment Bit set on the SonicWALL. This can affect it. There might be a black hole router that detects the fragmented packet by the Sonicwall and drops it. John Tolmachoff MCSE CSSA Engineer/Consultant eServices For You www.eservicesforyou.com ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: amy@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')