Hi Lubos, Turn on Rule 1 and Rule 2 in the Web Proxy and Firewall service logs and you'll know what rules are allowing access. HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Luboš Kovár [mailto:lkova@xxxxxxxxxxxxxxx] Sent: Wednesday, March 26, 2003 6:37 AM To: [ISAserver.org Discussion List] Subject: [isalist] RULES DONT WORK http://www.ISAserver.org I have Client address sets defined. Then I have Protocol rules defined - only HTTP and FTP allowed for specified Client address sets. Then I have Site and Content rules defined. I set rule "All destinations except selected set". I have set one destination set named "Restricted access" with defined sites which users from Client address sets cannot access. Now I see that some clients can access these restricted sites. Where is problem? ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')