First question that needs to be asked is how are their machines setup in terms of accepting cookies? As for the firewalls, most firewalls will allow solicited traffic through on port 80 without any problems. Since you are using cookies to maintain state from page to page, I would look at that first. There is the possibility that the firewalls (or paranoia devices) are cleaning up the cookies after the user leaves the page, thus disabling the session info (but this is just a guess). chris -----Original Message----- From: Bird, Graham We are currently running an online survey which uses a multi-page form with session cookies. Several users have reported not being able to progress past the first or second page. They all seem to have either a personal firewall or some other sort of "ACME Internet Attack Paranoia Device". Can anyone shed any light on what is going on? The personal firewalls and such *could* be a red herring, but it seems rather coincidental otherwise.