Hello everyone, I have a scenario I'm trying to work on and wonder if anyone did this before: I have two ISA's in this setup. The external ISA is on the internet using one NIC, and a private IP range (DMZ) on the internal NIC. The internal ISA has also two NICs, one on a private IP range (DMZ) and one on my internal network. Internet <=> External ISA <=> DMZ <=> Internal ISA <=> Internal Network I've setup the External ISA to accept Client VPN Connections and using IAS to authenticate through the Internal ISA. That part is working with no problems. The External ISA gives an IP range within the DMZ network to the VPN clients. What I'm trying to do is allow these IP range to access the internal network through the Internal ISA. I created packet filters, protocol rules but nothing... Any ideas??? Thanks, Tom