Hello All! I'm having a weird problem with ISA 2004: When no user is logged to ISA, it works flawlessly. As soon as I, or any user, log on, most inbound ports become blocked. SMTP, POP and a few others are blocked. HTTP and DNS keep working. No errors in logs (except for a half scan attak a few days ago), no sign whatsoever of what could be the cause. Windows event logs are free of anything suspicious. I tried disabling the SMTP filter and the POP filter (which are blocked when logged on). For some obscure reason, the ports opened up again. I reactivated the filters, down they go. Log off... Back up again. However, I have an activity/port monitoring scanner on an external server (A1 Monitoring). When the filters were turned off, it started having all kind of troubles monitoring the local server. It would say that he server was down despite the fact that it was responding fine using Telnet. After I re-enabled the filters, A1 Monitoring started working fine again (after I logged off of course ;-) ). FYI, the SMTP filter is on but not configured. I use Brightmail so I have no use for it. The symptoms, more precisely, are as follow: It's like if the routing was incorrect. I mean that when I Telnet port 25 from a remote computer, I get a connection but no reply (the smtp banner doesn't show). I tried to monitor the connection from withing ISA and it is as if no reply was sent to the remote computer. I don't know what could be the cause of this. I did not make much changes before it happened but I must add that this ISA has been up for only 45 days. I noticed the problem 10 days ago. Rules are fine. If they were the problem, it wouldn't work while logged out (unless MS is hidding something :-))) ). Thanks for any help you can provide. Fred _____________________________________ Frederic Giroux, technical director Niveau3 inc. IT Consultants fgiroux@xxxxxxxxxx www.niveau3.ca 514-352-4782 (ext. 223) 514-352-9126 (fax) 866-477-4782 (toll free)