If I have users connect to a CAG, then use WI to connect to published applications, are those applications then protected in an SSL tunnel? I am concerned that they are simply unprotected ICA traffic on the internet. Chad Schneider Systems Engineer ThedaCare IT 920-735-7615