Sorry guys its "2" I misstyped it, anyway the reason behind this is that I work in a company where the firewall is under the control of the internet provider and we only have LAT ips here the wan is not under my control plus the ISP is not filtering everything like what should i do if i need to stop the messengers like MSN,AOL ect... or block certain sites ,thats why I want to set up the ISA 2004 firewall on my DNS/active directory server to resolve this issue.