From a workstation within a simple network (Windows 2000 Server Standard running ISA Server 2000 in integrated mode), I would like to be able to PING an external IP address from behind ISA server. When the Firewall client is enabled, any ping immediately results in "Destination host unreachable". When set up as a SecureNAT client (disabling the Firewall client and configuring the Default Gateway to be the IP address of the ISA Server), then any ping has a considerable delay and eventually results in "Request timed out".
IP Routing has been enabled (in ISA Server's IP Packet Filtering). I would want to maintain ISA's current behavior of not responding to Pings from the outside.
I'd appreciate any suggestions on what settings need to be adjusted on either the workstation or within ISA Server.