Staff, I have the following topology: I have a Domain NT 4,0 and my ISA Server is in a Windows 2000 that is a member server of this domain of the headquarter, the ISA is installed in Integrated Mode, I have some remote net with Links of 64Kbps with the headquarter and each net of this has a PDC, I want that the users of this net have access the Internet through my ISA Server, for this I created in my ISA Server in Policy Elements > Client Address Sets a Set with the IP range of the Branch office and in Access Policy>Protocol Rule I created a protocol rule allowing all traffic IP that will be based on client address set specified, also I created in Access Policy>Site and Content Rules a rule that allows all for destination, all HTTP Contents everything what it will be based on the Client Address specified Sets, with this I installed the Firewall Client to from of my ISA Server into user computer, the Try Icon of the Firewall client indicates that it is connected, however when the user access Internet via the Internet Explorer the Try Icon detaches from the ISA Server and the User I did not obtain to have access nothing, I only fixed this problem creating in the Windows 2000 of my ISA Server user with the same password that the user use to connect in the PDC of his net, however this is not best solution because when the user the password his password, the Firewall Client of the user I did not obtain to connect in the ISA Server and the problem alone is fixed when the user call to me and says to me what is the new password, then I enter in the Windows 2000 of the ISA Server and change the password that the user passed me, this is completely are wrong and I need to found a correct solution, if somebody already passed for this problem please helps me. Thanks, Alex