Very very strange problem at one of my clients...if anyone can shed any insight on this it would be greatly appreciated. Apologies for details out of order or all over the place. My head is spinning right now from this. The farm is 2 PS4 servers, with Web Interface on the server CITRIX01. Internally I can hit http://citrix01/citrix/metaframe, bring up web interface, and it works just fine. Pass-through authentication works, I see applications, and can run them with no issues. In DNS there's an alias for portal.company.com pointing to the IP address for CITRIX01. This name is also a registered Internet FQDN that can be hit from the outside. If I hit any of these URLs from inside the network OR outside: http://portal.company.com/citrix/metaframe https://portal.company.com/citrix/metaframe http://<internalipaddress>/citrix/metaframe https://<internalipaddress>/citrix/metaframe http://<externalipaddress>/citrix/metaframe https://<externalipaddress>/citrix/metaframe I see the "click here if you are not automatically redirected" text, but then a login box immediately pops up. I can put in any credentials I want, but none work, and I get this HTTP error: HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials. I've searched through every MS article on that error, I've reset passwords for the IUSR accounts and re-synched them with IIS, verified that anonymous access is turned on in IIS correctly (as well as integrated authentication), rebooted servers, as well as a slew of other misc. things. Has anyone seen this? It's extremely odd that I can hit it internally via the server name, but using the external IP address, the fqdn, or even the internal IP address (internally of course) gives me that error. Out of ideas. Help! Adam