Our payroll application tries to communicate over 443 with the payroll server (outside the network) and we're getting access denied errors on the ISA logs. The firewall rule looks fine and I have recreated it with no success in resolving this problem. It looks like ISA is skipping over the rule I created.
Rule is: Allow All protocols from Internal to 22.214.171.124 by All Users.
Have tried to limit protocols to HTTP and HTTPS but that doesn't seem to make a difference either. What else can I try?
Here is the entry that fails (with some substitutions for IP and user names):
Original Client IP Client Agent Authenticated Client Service Referring Server Destination Host Name Transport HTTP Method MIME Type Object Source Source Proxy Destination Proxy Bidirectional Client Host Name Filter Information Network Interface Raw IP Header Raw Payload GMT Log Time Source Port Processing Time Bytes Sent Bytes Received Cache Information Error Information Authentication Server Log Time Client IP Destination IP Action Destination Port URL Protocol Rule Result Code HTTP Status Code Client Username Source Network Destination Network Server Name Log Record Type
10.5.100.8 PROGRAM.EXE:3:5.0 - TCP - - - 10/17/2008 7:15:23 PM 3270 0 0 0 0x0 0x0 - 10/17/2008 12:15:23 PM 10.5.100.8 126.96.36.199 Denied Connection 443 - HTTPS [Enterprise] Default rule 0x800733f5 WSA_RWS_ERROR_ACCESS_DENIED CFS\Username Internal External ISA01 Firewall