O.k., this is getting personal.... As an experienced security engineer, I don't appreciate someone suggesting I 'bridge' across an existing DMZ and then call ME loopy. The PIX DMZ is there as I have an enterprise wide (35 site) Cisco PIX policy. I choose to use ISA to handle OWA and other HTTP traffic as it is good at that and offers another level of security that is more application aware (Jim!) than the PIX. I simply thought that reverting to experienced ISA users would assist me in getting a solution. 1. ISA as a simple reverse web proxy works on HTTP 2. I've only one NIC. 3. I can contact the authentication form on ISA o.k. 4. I've only one NIC.. 5. I can get to OWA on ssl on the internal LAN o.k. 6. I've only one NIC... 7. when I enter credentials (username/password) I receive: You could not be logged in to Outlook, make sure your username etc, etc... 8. I have only one NIC... 9. I can access OWA internally, I can access it from ISA it's just the 'proxy' connection that fails. Any constructive advice would be much appreciated. Regards, Walter