• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Adding Computer to Group doesn't follow access rule

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> Access Policies >> Adding Computer to Group doesn't follow access rule Page: [1]
Login
Message << Older Topic   Newer Topic >>
Adding Computer to Group doesn't follow access rule - 19.Jul.2010 3:27:50 PM   
KMcDermott

 

Posts: 2
Joined: 19.Jul.2010
Status: offline
I have an existing rule to permit External users HTTPS access to non-published web servers.  These servers are all "Computers" specified by IP address, that are members of a Group called "HTTPS Servers"

RULE = ALLOW HTTPS from EXTERNAL to HTTPS SERVERS for ALL USERS

The rule works fine for all IP addresses.

Today, I created a new IP address/Computer and added it to the same HTTPS SERVERS group in the access rule.

External Traffic to the pre-existing HTTPS SERVERS members continues to work.
Internal Traffic to the pre-existing HTTPS SERVERS members continues to work.

Internal Traffic to the new HTTPS SERVERS member works as expected (no filter).
External Traffic to the new HTTPS SERVERS member is filtered:

ACTION = Denied Connection
RULE = [Enterprise] Default Rule
RESULT CODE = 0xc004000d FWX_E_POLICY_RULES_DENIED
SOURCE NETWORK = External
DESTINATION NETWORK = Internal

Why would this be happening, and how can I fix it?
Post #: 1
RE: Adding Computer to Group doesn't follow access rule - 29.Jul.2010 1:16:03 PM   
KMcDermott

 

Posts: 2
Joined: 19.Jul.2010
Status: offline
Expired SSL Certificate on the CSS box was allowing rules to be edited, replicated to array members, but not enforced on the traffic.

Renewed & Imported new SSL certificate on the CSS box, and life is good.

(in reply to KMcDermott)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> Access Policies >> Adding Computer to Group doesn't follow access rule Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts