From: MI, USA
I've written an access rule with the following:
Allow All Outbound Traffic From: my own custom list of private IPs To: External and Perimeter Condition: All Users
This rule is the first one on my Polcy listing.
I have a user who's IP address is in the 'From' field and she is running a POS application which tries to authorize credit cards via g1.merchantlink.com:443. However while doing a monitor I keep getting this denial (see: http://www.lenawee.org/isaError.jpg ). Any one of my users (even those outside the Unrestricted Rule mentioned above) can visit https websites. It seems to me that this application shouldn't be treated any different than a regualr SSL connection.
One other note: I am requiring user authentication on the Private Network interface. Furhtermore I have the firewall client installed on the POS computer. My understanding is that the firewall client should take care of all authentication issues between the workstations on the LAN and their corsponding ISA Network interface.
I'm open to all suggestions.
< Message edited by lcsgeek -- 18.Jun.2008 3:23:57 PM >