Can anyone tell me if it is possible to allow / block based on filetype in Safetynet Plus please?

A few schools here in Oxfordshire are leaving the county provided broadband and moving to other ISPs including RM.

This means that the way those schools access their (centrally hosted) SIMS has changed and the first school that have chosen RM as their ISP are having problems. The only thing I can think that may be causing the issue is filtering - however no filter page is returned (but still not ruling out safetynet because portforwarder.cgi is such a small window)

The method of getting to sims is:

1. In a browser go to our AEP Netilla landing page
2. Log in
3. Click on the SIMS icon
4. This first opens an AEP window called portforwarder.cgi and then opens a Terminal Services connection to SIMS

Point 4 is where the system fails for the school yet works for other schools using other ISPs. Is CGI access allowed?, is RDP allowed or is there a way I can specifically allow them to prove the point that it is safetynet casuing the issue?

Many thanks in advance