Not sure, but I think that enabled packet filters allow traffic through the inner firewall. Default configuration, with filters disabled, prevents traffic. -- J Burford Fields of JB Fields & Associates, LLC jbfields@xxxxxxx www.jbfields3.com "So, everything in the world is a metaphor for something else?"--El Postino -----Original Message----- From: Bjørnar [mailto:bjornar.stensrud@xxxxxxxxx] Sent: Thursday, January 23, 2003 4:42 AM To: [ISAserver.org Discussion List] Subject: [isalist] Should I configure IP packet filtering on the internal ISa in a Back to Back http://www.ISAserver.org I have red some place that the internal ISA server in a back to back shouldnt have IP packet filters enabled unless I need intrusion detection. Could anyone explain that to me? Wouldnt it be even more secure to enable it? ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jbfields@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')