I am still confused about the Terminal Services Authentication setup.I know I need to put into my proxy.cfg file the following:

[Extra Configuration]
EnableTerminalServerAuthentication=1
RedirectHTTPSRequest=1

[Authentication Subnets]
PrivateSubnet1=10.0.0.0/255.0.0.0
PrivateSubnet2=10.4.5.100/255.255.252.0
PrivateSubnet3=164.99.145.98/255.255.252.0

(or you can use:)

[Authentication Ranges]
PrivateRange1=100.25.4.5-100.25.4.60
PrivateRange2=20.1.1.1-20.4.5.25

(or you can use:)

[Authentication Addresses]
PrivateAddr1=24.0.4.5
PrivateAddr2=45.3.45.6
PrivateAddr3=44.5.6.8


My question is about the Authentication Subnet, Ranges, and Addressessection. Our school district has 5 buildings with 13 different
subnets for desktop computers/printers. In addition, each of our
servers is located in its own subnet to cut down on broadcast traffic.

A fast Cisco core switch ties it all together so our network is very
fast and reliable. Our BorderManager server is in its own subnet and
has an IP address of 10.121.120.4. We will be using Terminal ServicesAuthentication so the Macs on our campus logout of BorderManager oncethe end user quits their web browser. Besides my two questions below
the only other piece we are waiting on is the Netscape snap-in. Two
questions:

1. Should I use Authentication Subnets, Ranges, or Addresses? I am
confused about exactly how to configure this section of proxy.cfg.

2. The read me states:

"For performance reasons, you should keep the address ranges as smallas possible, and apparently even in a different subnet class than
everyone else."

Is my network going to take a big hit once I implement Terminal
Services Authentication?

Thanks
Dave