We would like to give our users access to our internal Terminal Server Cluster from the internet. We would like to authenticate the users at the firewall before allowing the connection to port 3389 to go through to the published Terminal Server. Is there a way to control the port access form the Internet with authentication at the firewall? The only way that we know of allowing access is by using server publication but it does not authenticate users. Thanks in advance.