Tom, Thanks for the response. I think I'm following you to a point but I'm unclear with what I'm connecting the remote/local tunnels to as I only have one ISA. Is it your suggestion that once I have the gateway to gateway connection established between the two blackboxes that I should then create a tunnel between the DMZ interface of the ISA and the LAN interface of the black box in the ISA's dmz? Please advise, Casey -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Sunday, November 03, 2002 11:29 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Passing traffic http://www.ISAserver.org Hi Casey, I'm not exactly clear on how you have things set up, but here's what I think you're doing. You're using the blackboxes to create VPN gateway connections to join the DMZ segments If that is correct, then you can then use the local and remote VPN wizards to create a second tunnel to join the private networks. HTH, Tom Thomas W Shinder www.isaserver.org/shinder http://tinyurl.com/1jq1 http://tinyurl.com/1llp -----Original Message----- From: Friese, Casey [mailto:cfriese@xxxxxxxxxxxxx] Sent: Sunday, November 03, 2002 1:00 PM To: [ISAserver.org Discussion List] Subject: [isalist] Passing traffic http://www.ISAserver.org I'm trying this question again, see if I can get an answer this time. I'm trying desperately to get the ISA to allow traffic to pass through it that is destined for another network. I have a linksys vpn router hanging off of the ISA's dmz. VPN router's LAN(DMZ) address is 10.112.1.3 VPN router's WAN address is 140.168.42.60 The remote network also has a linksys vpn router. VPN router's WAN address is 68.80.66.170 VPN router's LAN address is 10.116.1.1 After establishing the tunnels successfully: I can successfully communicate with hosts on the ISA's dmz from the remote network and I can successfully communicate with the remote network from the hosts on the ISA's dmz. I can communicate successfully(throughr the ISA)from the hosts on the ISA's dmz with clients on the local network behind the isa (10.128.0.0). I cann't communicate with the clients on the local network behind the ISA from the remote network. I can't communicate with the clients on the remote network from clients on the local network behind the ISA. How do I set the ISA to allow the traffic destined for the local network (10.128.0.0) from the remote network (10.116.1.0) pass through it and vice versa? Any help would be greatly appreciated! ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: cfriese@xxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')