It works when we add domain.com to the list of addresses to bypass, but our users access many "sites" such as routers and other objects that open in web pages, by IP instead of URL of letters. They are being blocked by the default deny rule at the end of the firewall rules.
The only way I could get the users to access these types of sites was by adding a firewall rule to allow all anonymous access to the entire IP range.
This works, but that means that unnecessary traffic is going through the ISA instead of really bypassing it.