logically speaking if you want to ensure that you rusers do no tbypass the ISA server to access internet then i guess the best way to ensure that they have only one way out of the internet and this one way could be monitored. through the ISA server configuration.There could be more reasons to this, but thats what I can think of for now. -----Original Message----- From: Nigel Carroll [mailto:nigel@xxxxxxxxxxxxxxx] Sent: Tuesday, November 27, 2001 2:08 PM To: [ISAserver.org Discussion List] Subject: [isalist] Why Tom recommended NOT to use a gateway for FW Clients http://www.ISAserver.org On pg400 of Tom's book (ISA Server 2000) he says "you should not configure your firewall clients with a default gateway" (last sentence above "NOTE") Can anyone comment on what would be the downside of doing this - is it because of a performance or security issue? Nigel ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: syed.muqeem@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')