You have to allow ISA to authenticate all users so that you can create Site and Content rules to refuse specific ones. That means ISA has to either be a member server in your corporate domain, or that the ISA domain has to trust the corporate domain(s). If you're not using domains, then you'll have to duplicate all user accounts (and passwords) in the ISA local SAM. the ISA help discusses this, as do many of the articles on www.isaserver.org/pages/learning%20zone.htm. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG ----- Original Message ----- From: "Chirag Shah" <cshah@xxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Sunday, November 11, 2001 00:14 Subject: [isalist] Want to block internet access for particular user in the company http://www.ISAserver.org Hi! I have SBS2K which includes ISA Server. Now, I would like to block Internet Access for few of the users in my company since BOSS doesn't want them to use Internet. Can someone please tell me how can I block access to the users in my company. Thanks CS ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')