1. Never use the same netblock internally and externally across ISA. 2. Never enter external IPs in the LAT unless they belong to VPN clients that RAS into the ISA itself. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/authors/harrison/ Read the books! ----- Original Message ----- From: <isa@xxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Monday, February 18, 2002 03:17 Subject: [isalist] Should I exclude the IP address of the External NIC in the LAT? http://www.ISAserver.org My upstream provider has allocated us a Class C block. These IP's are used on our internal network as well as the External NIC AND Rooter connecting us to our upstream provider. Should I exclude BOTH the IP of the external NIC AND the IP of the Rooter from the LAT on my ISA server? My understanding is that both these IP's are external. Regards Pieter van Zyl ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')