A host with a default route to the ISA via its default gateway becomes a secureNAT client. If you don't want them to become secureNAT, don't point their default gateways to the ISA server. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG ----- Original Message ----- From: "Nigel Carroll" <nigel@xxxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Tuesday, November 27, 2001 04:08 Subject: [isalist] Why Tom recommended NOT to use a gateway for FW Clients http://www.ISAserver.org On pg400 of Tom's book (ISA Server 2000) he says "you should not configure your firewall clients with a default gateway" (last sentence above "NOTE") Can anyone comment on what would be the downside of doing this - is it because of a performance or security issue? Nigel ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')