We have OWA on Exchange 2000 working very well for clients which access the Exchange server directly using http:\\servername\exchange\. Have followed all the instructions for publishing OWA through ISA to be found on this site, including the usual alterations for 'basic authentication' specifying the default domain in IIS, together with Integrated Windows Authentication for our internal clients. The result is that external clients can get ISA through our web site perfectly. All sounds fine. However, if an internal client tries to access OWA as if it were an external web site (ie going out through ISA and back in again) using www.ourexternaldomainname.com/exchange (which works for external clients) they get repeated authentication requests. The only exception is if they specify an account with Administrative privileges on the ISA server. At first I thought this was because the internal clients are trying to use Integrated Windows Authentication, which ISA won't pass, but then I tried only allowing basic authentication on IIS on the Exchange server and that still gave the same problem. I know it's not a mission-critical problem, but it does look to our staff as if our OWA web-mail is not functioning when they are in work if they're used to accessing it that way from home. Any ideas would be greatly appreciated!