Hi All im not sure if i would say that my setup is complicated, but its not overly simple either. previously my whole company used windows XP and we needed home users to connect to our network via VPN and use a proprietry h.323 client to connect to our VoIP server that resides on another subnet within the network. at the same time they needed to be able to browse the web from their home PCs. to do this i used split tunelling. for the sake of this lets assume that there are no security issues and ignore that part of it. With windows XP users would connect thru my ISA 2004 server and the DHCP server would assign them an IP, also a few classless static routes would be written to their local machines so they could access the various subnets within my network - all from the DHCP server. from one simple login to the VPN, they had access to all my subnets including the VPN local. with the introduction of Vista i cannot seem to get the routes written to the VPN clients. i have read that a security setting stops this CMROUTE.DLL? is not accessible? anyway thats the least of my worries right now. i can always write a script to manually add routes and thats what i do. so now lets assume that i can connect vista to my network over the VPN and i also have access to all my subnets. i can ping servers andtelnetall over the network all day from my vista machine. my problem is this and i have been researching it for months: the h.323 client for my VoIP does not connect to the voip server. it does work on XP, it also works on vista when the PC is connected to the local networkthat the VoIP server is on, however if i remove the vista PC from the local network and throw in a VPN, it doesnt connect. im wondering why this may be, any suggestions will be considered - with my vpn and company network there are no firewalls or filters, all data is free to do as it pleases and this is shown by the way everything works perfectly on XP. is there some setting in Vista that says "you can connect to the vpn and route to the local vpn network, but you cant route deeper into other subnets on the vpn - even if you manually hardcode a route" ? thanks in advance and i hope someone can shed some light. Quintin