Yes, this is intriguing... I didn't know it was that big of a deal, all the promos leading up to ISA2004's release described it as being capable of such, and when I was finally able to try it out, it worked just like I had anticipated, so why is this such a revelation? That makes me wonder, what exactly is an ISP? ISP, Internet Service Provider, someone who provides you with Internet Access, is how I'd define it. If you can utilize their network to reach addresses on the Internet, I'd consider them an ISP of some sort. If I connect two ISPs to the ISA server, and am able to use them to access resources from either of them by routing, then I'd consider it a dual-ISP system. I had only set this up with one subnet, so hadn't really played with it to a great extent, so your posts really got me wondering. So, this morning I tried it out a bit more to make sure it was working like I thought it did. I tried CNN as an example, did a tracert to it, and, like expected, it routed through the NIC for ISP1 (default gateway). I then took the 64.0.0.0 subnet (which CNN is in), and used the ROUTE ADD command to tell it to use the NIC for ISP2 for that range. I then did another tracert and it found it was now using the route via the NIC for ISP2, exactly as expected. Just to be sure, I went and browsed some of the obscure pages on CNN's site to make sure it wasn't just a cached copy I was seeing. Utilizing this information, I can see a relatively simple script that would check for a connection being up on ISP1, and change the default gateway to ISP2 if needed. I also have thought of a couple of other theoretical possibilities for load-balancing, but will need to pursue those more before I can say they'd work. -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Friday, January 21, 2005 20:18 To: [ISAserver.org Discussion List] Subject: [isalist] RE: SSL Problems with ISA 2004 http://www.ISAserver.org I'll stipulate that you've defined it as an "external" network, but I'll also bet that this is a misconfiguration that just "happens to work". If you're willing, you can send me your ISAInfo privately and one of two things will result: 1 - your configuration will spawn a KB or whitepaper (basically a WAN) 2 - I'll respond with corrective steps This "dual ISP" distinction is important. What you describe is nothing more than a "special routing arrangment", NOT "dual ISP connections". No argument that you've managed to create an efficient network this way, but it's not what the community at large understands as "two ISP connections".