Thanks for the reply Tom, I have come across something interesting, I have two machines, one can successfully ping anywhere, and the other can't. Firewall clients and SecureNAT clients is set up on both machines. I tried to ping the same place from each computer, one can, and one can't. They are both in the same subnet net (it is a 'simple' network setup). The only main difference I can think of is that one machine is windows 2000 server, the other is XP professional, but that should not make a difference because their network settings are similar and they both should have to adhere to the same rules when it comes to ICMP, shouldn't they??? (back me up on that one, or not) I have no client address sets specified. I have only one protocol rule which allows all ip traffic. Protocol definitions are just all the default ISA ones. What the hell is going on?!?!?! Any help on this would be great!!!! Thanks very much guys, this discussion list is the best I have come across, Adam -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: 18 December 2003 20:16 To: [ISAserver.org Discussion List] Subject: [isalist] RE: quick question http://www.ISAserver.org Hi Adam, If the "All IP Traffic" protocol rule is enabled, then the SecureNAT clients have access ONLY to the protocols defined in the Protocol Definitions node in the left pane ISA console. Also, the rule must not require user auth, because the SecureNAT client isn't able to provide credentials. HTH, Thomas W Shinder www.isaserver.org/shinder <http://www.isaserver.org/shinder> ISA Server 2004 Beta - Coming Soon <http://www.microsoft.com/isaserver/beta/default.asp> ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp <http://tinyurl.com/1llp> -----Original Message----- From: Adam Hearne [mailto:adam.hearne@xxxxxxxxxxxxxxxxxxx] Sent: Thursday, December 18, 2003 2:04 PM To: [ISAserver.org Discussion List] Subject: [isalist] quick question http://www.ISAserver.org Hi guys, I finally got the SQL server's to connect through the ISA server. It ended up being I had to disable filtering of IP options. Can anyone tell me what option filtering is? But onto my main question, I have just read the article http://www.isaserver.org/tutorials/How_to_use_ISA_Server_Packet_Filters. html and I had a question about the following statement within it... "...Something to keep in mind regarding Protocol Rules is that if you enable a rule that allows "All IP Traffic, it will work differently depending on what type of client is accessing that rule. Firewall Client computers will have outbound access to all TCP/UDP ports, but SecureNAT clients only have access to the protocols that are specified in the Protocol Defintions that are configured in the ISA Server." I underlined the last sentence because that is what I has trouble understanding. In regards to the SecureNat clients, is that line saying that the mere act of specifying a protocol definition will enable it? I though you then had to use a protocol rule to specify who it applied to. I am confused. Being a beginner on this subject, understanding the little things often helps me understand the bigger things. I hope someone can please clear this up for me. Thanks again, Adam ************************************************************************ ****************** NOTICE - This message is the property of yourinsurancegroup (brokers) limited. It may also be confidential and/or privileged. If you are not the intended recipient of this message you are hereby notified that you must not disseminate, copy or take any action with respect to it. If you have received this message in error please notify the systems team immediately via e-mail to: postmaster@xxxxxxxxxxxxxxxxxxx <mailto:postmaster@xxxxxxxxxxxxxxxxxxx> ************************************************************************ ****************** ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to leave-isalist-1689814Q@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: adam.hearne@xxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to leave-isalist-1689814Q@xxxxxxxxxxxxx ****************************************************************************************** NOTICE - This message is the property of yourinsurancegroup (brokers) limited. It may also be confidential and/or privileged. If you are not the intended recipient of this message you are hereby notified that you must not disseminate, copy or take any action with respect to it. If you have received this message in error please notify the systems team immediately via e-mail to: postmaster@xxxxxxxxxxxxxxxxxxx ******************************************************************************************