Hi Adam, If the "All IP Traffic" protocol rule is enabled, then the SecureNAT clients have access ONLY to the protocols defined in the Protocol Definitions node in the left pane ISA console. Also, the rule must not require user auth, because the SecureNAT client isn't able to provide credentials. HTH, Thomas W Shinder www.isaserver.org/shinder <http://www.isaserver.org/shinder> ISA Server 2004 Beta - Coming Soon <http://www.microsoft.com/isaserver/beta/default.asp> ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp <http://tinyurl.com/1llp> -----Original Message----- From: Adam Hearne [mailto:adam.hearne@xxxxxxxxxxxxxxxxxxx] Sent: Thursday, December 18, 2003 2:04 PM To: [ISAserver.org Discussion List] Subject: [isalist] quick question http://www.ISAserver.org Hi guys, I finally got the SQL server's to connect through the ISA server. It ended up being I had to disable filtering of IP options. Can anyone tell me what option filtering is? But onto my main question, I have just read the article http://www.isaserver.org/tutorials/How_to_use_ISA_Server_Packet_Filters. html and I had a question about the following statement within it... "...Something to keep in mind regarding Protocol Rules is that if you enable a rule that allows "All IP Traffic, it will work differently depending on what type of client is accessing that rule. Firewall Client computers will have outbound access to all TCP/UDP ports, but SecureNAT clients only have access to the protocols that are specified in the Protocol Defintions that are configured in the ISA Server." I underlined the last sentence because that is what I has trouble understanding. In regards to the SecureNat clients, is that line saying that the mere act of specifying a protocol definition will enable it? I though you then had to use a protocol rule to specify who it applied to. I am confused. Being a beginner on this subject, understanding the little things often helps me understand the bigger things. I hope someone can please clear this up for me. Thanks again, Adam ************************************************************************ ****************** NOTICE - This message is the property of yourinsurancegroup (brokers) limited. It may also be confidential and/or privileged. If you are not the intended recipient of this message you are hereby notified that you must not disseminate, copy or take any action with respect to it. If you have received this message in error please notify the systems team immediately via e-mail to: postmaster@xxxxxxxxxxxxxxxxxxx <mailto:postmaster@xxxxxxxxxxxxxxxxxxx> ************************************************************************ ****************** ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')