you can setup fixed udp port for CS(HLDS) server of your choice which your user will be using during game itself.So setup publishing and allowing for that port in ISA is not a prob. For server auth. to Server with list of servers there is 1 fixed port com. as far as i know. Anyway in anycase of product with unknown communication channels i am using my netwatch on client machine to see clearly what port and protocol is used (spacer.cc/netwatch.zip) P.S.:Netwatch is raw socket based sniffer (simply expl.:doesnt have device driver) Never use any network sniffer based on raw socket API on production PC as friend of mine found out that you can freeze Win2000 Boxes (not xp .net tested by me!) if you simply ping them with loosing source flag with using their gateway ip in that ping.So again i dont recommend to run it on production servers. However this netwatch is small ~50KB and is convenient to use and immediately see all traffic on 1 screen Regards Spacer -----Original Message----- From: Mark Hippenstiel [mailto:m.hippenstiel@xxxxxxxxxxxx] Sent: Wednesday, February 12, 2003 9.27 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: RES: RE: RES: RE: RES: RE: Spooky filter problem! Tom? http://www.ISAserver.org Well.. I would agree with others and say it's only a game(-server) why bother. But since we are talking about a technical problem it's interesting to find out what the problem is - at least to a certain extent. You know enough about ISA to be aware that there are technical limitations that btw apply to any firewall. So there's really no need to discuss if ISA is suited for that kind of application. I would say it is. The problem lies in the communication, I would advise you to look for articles from firewalled CS users for instance on expert exchange. If you only used CS to test for the availability of your HLDS, I would say that this is not enough. The thread topic you choose implies that you assume that the problem could be caused by an unknown bug in the filtering mechanisms... I recommend that you get a port scanner and scan for all open ports once from within your network and once from external. I bet there's a port or two missing. Further you might want to have a closer look at low-level network communications on the external machine to see what's really happening. And you could contact Valvesoftware (I believe it is) and ask if they can provide you with more information. It's like I said - if you don't know enough about the protocol being used you're bound to test and try. It's a lot of work. If I can help you in any other way let me know. Good Luck! Mark Ps Did you try to change the UDP filter properties? I would set SendReceive for 'incoming' and ReceiveSend for 'outgoing' This mail was content checked for malicious code and viruses by GFI MailSecurity. GFI MailSecurity provides email content checking, exploit detection and anti-virus for Exchange & SMTP servers. Spam, viruses, dangerous attachments and offensive content are removed automatically. Key features include: Multiple virus engines; Email content & attachment checking; Exploit shield - email intrusion detection & defence; Email threats engine - analyses & defuses HTML scripts, .exe files & more. In addition to GFI MailSecurity, GFI also produces the GFI FAXmaker fax server & GFI LANguard network security product ranges. For more information on our products, please visit http://www.gfi.com. This disclaimer was sent by GFI MailEssentials for Exchange/SMTP.