Hi Ara, You don't need all those options selected. Just use the autoconfig script or autodetect. You still need to enter the adp.com site into the Direct Access list, though. Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ara Avvali Sent: Wednesday, March 29, 2006 3:46 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] question about direct access Hello everyone Sorry a dumb question but I want to be clear. I have created a rule going to *.adp.com for http and https. Web proxy filter in unbound from http. Would this act like direct access so *.adp.com traffic is not going through proxy? What about if the client is set as web proxy and a firewall client? Would it overwrite the rule? Appreciated