Thanks Jim :) I am going to run the eithereal and check the logs. However, if you can clear this for me. Does creating a packet filter with 'ANY' protocol, 'BOTH' directions, 'ALL' local ports and 'ALL' remote ports work? If it does work, it would be similar to disabling the packet filtering feature right? The weird thing is the application works fine if the traffic goes through the WAN and hits the target server. But if I take the ISA and put it in a private network where a router to router VPN tunnel connects the target server, the app has problem. If remove the packet filter, everything seems to work fine. BTW, the app connects to a SQL server on a remote network. Thanks ts Jim Harrison <Jim@xxxxxxxxxxxx> wrote: v\:* {behavior:url(#default#VML);}o\:* {behavior:url(#default#VML);}w\:* {behavior:url(#default#VML);}.shape {behavior:url(#default#VML);}st1\:*{behavior:url(#default#ieooui) }http://www.ISAserver.org Use the logs, Luke. ISA logs all the traffic it sees. You can read through the packet filter logs to see what traffic the application is trying to send that gets blocked. ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- --------------------------------- From: tim S [mailto:tim724342@xxxxxxxxx] Sent: Friday, April 08, 2005 14:55 To: [ISAserver.org Discussion List] Subject: [isalist] Packet filter problem http://www.ISAserver.org I have a window 2000/ISA 2000. There is an application that has to communicate with a server in another location via WAN. The only way the app seem to communicate with the server is if I disable the IP packet filtering feature in ISA (no, I didn't disable it in the production server). I am working on the test ISA server. I even created a packet filter that allows traffic both ways for all protocols, all port and all external interface. Still the app can't communicate. As soon as I disable the packet filtering by selecting the properties for the IP Packet Filters node, it has no trouble at all communicating with the server via WAN. Looked at the log but haven't seen any difference with or without ip packet filtering. I am at loss. I really appreciate it if someone can help me on this. Thanks ts --------------------------------- Yahoo! Messenger Show us what our next emoticon should look like. Join the fun. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tim724342@xxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com