Tiago, Thanks for the reply. I set up a static route for the netscreen box. Everything works okay. The mgt. doesn't want anyone from the remote network into our network. The only traffic via this VPN gateway is our outgoing traffic to the remote network. I guess as long as I don't add the netscreen's private subnet to LAT, ISA won't allow the incoming traffic initated from the remote network. Tiago de Aviz <Tiago@xxxxxxxxxxxxxxx> wrote: v\:* {behavior:url(#default#VML);}o\:* {behavior:url(#default#VML);}w\:* {behavior:url(#default#VML);}.shape {behavior:url(#default#VML);}http://www.ISAserver.org Well, i guess it´ll only work if you set a static route on your ISA so it can find the remote network. But I think it would be easier if you plugged the netscreen on the internal network instead of plugging it on another NIC on the ISA box. Tiago --------------------------------- De: tim S [mailto:tim724342@xxxxxxxxx] Enviada em: quinta-feira, 2 de dezembro de 2004 14:21 Para: [ISAserver.org Discussion List] Assunto: [isalist] Need help with the VPN and ISA 2000 setup http://www.ISAserver.org Hi, I would like to know if this setup will work. I have an ISA2000 server running on w2k3 server with three NICs (two external and one internal). And I have a netscreen VPN gateway box. Here is my setup. Internet | | Cisco Router ----------------------- | | | | ISA 2000 --------Netscreen VPN gateway box | | Internal network (private) One of our customers didn't want to open a VPN gateway via the ISA2000 so they sent us the netscreen. The second external ISA NIC connecting netscreen box has private IP. As usual, it doesn't have a default gateway. The only NIC with default gateway is the one that connects to CISCO router directly. My question is what happens to the outgoing traffic for Netscreen box? Does it always go through the default gateway? If the traffic is intended for netscreen VPN gateway, does the second NIC get the traffic? Thanks __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tiago@xxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tim724342@xxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx --------------------------------- Do you Yahoo!? Send a seasonal email greeting and help others. Do good.