Internet Related/Filtering/Firewall Thread, TMG 2010 unexpected results in Technical; I've got a TMG 2010 box here that acts as our firewall. Basically all web access goes through a smoothwall ...
14th March 2011, 02:05 PM #1
- Rep Power
TMG 2010 unexpected results
I've got a TMG 2010 box here that acts as our firewall. Basically all web access goes through a smoothwall box and out to the LEA and the TMG box is the default gateway for the other access (local LEA and similar)
We mainly use this to allow access to specific sites on the LEA's subnets (websites that are effectively internal but not on our network)
The primary rule to do this is to Allow access for the internal network to the specified subnets (the LEAs) for HTTP/S and PING etc. This works fine and as expected.
However when I run the Traffic Simulator and test whether it would allow access to www.madeupsite.com or any actual website it says the above rule matches the packet and allows it!
Am I missing something here? With this one rule the destinations are explicitly set to the LEAs server addresses, yet any website 'passes' on this rule! This is the only rule in place as the next rule is the default 'Deny All', the logging actually shows my Allow rule is allowing the access based on a packet match:
"The rule Allow local Bypass matches the packet. The packet is allowed."
So TMG is saying it would allow access based on the fact it matches on HTTP, even though the destination does not match? I thought the rule had to match everything to be allowed?
EDIT: After staring at this for hours I've realised it was all down to a typo!!!
Last edited by GoldenWonder; 14th March 2011 at 02:50 PM.
IDG Tech News
By kevin_lane in forum Enterprise Software
Last Post: 26th February 2011, 10:03 PM
By flaviorodrigues in forum Wireless Networks
Last Post: 25th February 2011, 06:32 PM
By localzuk in forum Internet Related/Filtering/Firewall
Last Post: 4th November 2010, 10:37 AM
By GoldenWonder in forum Internet Related/Filtering/Firewall
Last Post: 14th October 2010, 11:06 AM
By localzuk in forum Windows Server 2008 R2
Last Post: 27th September 2010, 01:11 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)