Posted on 2009-02-09
Last Modified: 2012-05-06

I have a ISA 2004 cluster set up. It has a NAT relation to the external network, which is actually a extranet situation with a private address range. I'm trying to allow my new proxy box on the inside of this ISA cluster to allow access to the outside, through the extranet network where I have a checkpoint cluster.

The internal network that is homing the new proxy is I have set up the ISA in the enterprise rule to allow all traffic from the new proxy. Every time I try to connect to the internet (using any protocol) from this proxy I get FWX_E_POLICY_RULES_DENIED. The source of the request is internal, as it should be. The request is denied, however. It seems like ISA is just not applying my Enterprise Firewall Rule.

I don't understand why this is happening, I think it must have something to do with my network rules, however, they seem to be correct in my humble opinion. There are other systems in the same range as my new proxy, they're all connecting fine. What do I do to fix this problem? Many thanks for any help!
Question by:AimToPlease
    1 Comment
    LVL 4

    Accepted Solution

    Problem solved.

    Turns out the certificate for contacing the configuration storage server had expired. After generating a net certificate and importing it wirh ISACertTool.exe, the non-working rule started to work immediately.

    Featured Post

    Do You Know the 4 Main Threat Actor Types?

    Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

    Join & Write a Comment

    If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
    To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now