All that setting accomplishes is to deny access to the FW client for that app. It does not deny access through the ISA for the app if the client is also a SecureNAT client. You'll need to set up blocking filters and rules as dictated in Tom's article on dangerous messenger clients. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/pages/author_index.asp?aut=3 http://isatools.org Read the help / books / articles! ----- Original Message ----- From: "William Robertson" <robertson.william@xxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Sunday, November 03, 2002 9:03 PM Subject: [isalist] Struggling to DENY access for applications! http://www.ISAserver.org Hi there I have tried to make modifications to the Firewall Client Config (thru the MMC), but I cannot seem to get the FW Client to DENY access to certain applications. For example, I would like to be able to have the FW Client block applications such as Windows Messenger, ICQ etc. But when I add an entry to the FW Client config with the following parameters: Application: msmsgs Key: Disable Value: 1 Nothing happens. The Windows Messenger continues to get through to my ISA Server, instead of being denied by the FW Client. Another thing I have tried is to add the following: Application: Common Configuration Key: Disable Value: 1 By doing this I was hoping to DENY access to ALL applications that were not specifically ALLOWED within the FW Client config, but this also did not work. Does anybody have any idea how I can DENY access to all applications on a workstation that are not explicitly ALLOWEd by the FW Client config? Cheers William R. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')