Error message FWX_E_POLICY_RULES_DENIED
Posted on 2009-02-09
I have a ISA 2004 cluster set up. It has a NAT relation to the external network, which is actually a extranet situation with a private address range. I'm trying to allow my new proxy box on the inside of this ISA cluster to allow access to the outside, through the extranet network where I have a checkpoint cluster.
The internal network that is homing the new proxy is 10.20.0.0/16. I have set up the ISA in the enterprise rule to allow all traffic from the new proxy. Every time I try to connect to the internet (using any protocol) from this proxy I get FWX_E_POLICY_RULES_DENIED. The source of the request is internal, as it should be. The request is denied, however. It seems like ISA is just not applying my Enterprise Firewall Rule.
I don't understand why this is happening, I think it must have something to do with my network rules, however, they seem to be correct in my humble opinion. There are other systems in the same range as my new proxy, they're all connecting fine. What do I do to fix this problem? Many thanks for any help!