I've got a TMG 2010 box here that acts as our firewall. Basically all web access goes through a Smoothwall box and out to the LEA, and the TMG box is the default gateway for the other access (local LEA and similar).
We mainly use this to allow access to specific sites on the LEA's subnets (websites that are effectively internal but not on our network).
The primary rule to do this is to Allow access for the Internal network to the specified subnets (the LEA's) for HTTP/S, PING etc. This works fine and as expected.
However, when I run the Traffic Simulator and test whether it would allow access to www.madeupsite.com or any actual website, it says the above rule matches the packet and allows it!
Am I missing something here? With this one rule the destinations are explicitly set to the LEA's server addresses, yet any website 'passes' on this rule! This is the only rule in place, as the next rule is the default 'Deny All'. The logging actually shows my Allow rule is allowing the access based on a packet match:
"The rule Allow local Bypass matches the packet. The packet is allowed."
So TMG is saying it would allow access based on the fact it matches on HTTP, even though the destination does not match? I thought the rule had to match everything to be allowed?
EDIT: After staring at this for hours I've realised it was all down to a typo!!!
Last edited by GoldenWonder; 14th March 2011 at 02:50 PM.
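The behaviour the poster expected is the one TMG actually implements: an access rule only matches when every element of the rule (protocol, source, destination, and so on) matches, and the first matching rule in the ordered policy wins. What a typo in a destination network element can do is silently widen that element so that it covers every address, at which point the "specific" allow rule does match any website in the simulator. The following script is an added example, not code from the original thread or from TMG itself: it is a small first-match policy evaluator plus an audit check for overly broad destination entries. The LEA subnet addresses, the internal network, and the particular typo (a subnet mask typed as 0.0.0.0 instead of 255.255.255.0) are all constructed assumptions for illustration; the post does not say what the actual typo was.

```python
"""Toy first-match access-rule evaluator in the spirit of TMG 2010 policy
matching, written as an added illustration (not TMG's own code).

A packet is allowed only if EVERY element of a rule (protocol, source,
destination) matches, and the first matching rule in policy order wins.
It also shows how a single mistyped destination entry (assumed here to be a
subnet mask of 0.0.0.0 instead of 255.255.255.0) turns a narrow allow rule
into "allow any destination", which is exactly what the Traffic Simulator
would then report.
"""
from __future__ import annotations

from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from pprint import pprint


@dataclass
class Rule:
    name: str
    action: str                       # "allow" or "deny"
    protocols: set[str]               # e.g. {"http", "https", "ping"}; empty = any protocol
    sources: list[IPv4Network]        # empty = any source
    destinations: list[IPv4Network]   # empty = any destination


def parse_subnet(ip: str, mask: str) -> IPv4Network:
    """Build a network from the address/mask pair typed into a subnet element.

    strict=False mirrors a GUI that accepts a host address with a mask and
    quietly normalises it to the containing network.
    """
    return ip_network(f"{ip}/{mask}", strict=False)


def _in_any(addr: str, nets: list[IPv4Network]) -> bool:
    """True if addr falls inside any listed network, or the list means 'any'."""
    ip = ip_address(addr)
    return not nets or any(ip in n for n in nets)


def matches(rule: Rule, proto: str, src: str, dst: str) -> bool:
    """All three elements must match; a protocol hit alone is not enough."""
    proto_ok = not rule.protocols or proto.lower() in rule.protocols
    return proto_ok and _in_any(src, rule.sources) and _in_any(dst, rule.destinations)


def simulate(policy: list[Rule], proto: str, src: str, dst: str) -> tuple[str, str]:
    """First matching rule decides; returns (rule name, action)."""
    for rule in policy:
        if matches(rule, proto, src, dst):
            return rule.name, rule.action
    return "implicit deny", "deny"


def overly_broad(rule: Rule, max_hosts: int = 65536) -> list[IPv4Network]:
    """Audit helper: destination entries covering more than max_hosts addresses.

    A 'specific server' element should never contain something like 0.0.0.0/0;
    running this over every allow rule is a quick way to catch the typo.
    """
    return [n for n in rule.destinations if n.num_addresses > max_hosts]


def demo() -> dict:
    """Compare the intended rule with the same rule carrying one mistyped mask."""
    internal = [ip_network("192.168.1.0/24")]          # assumed internal network
    common = ("Allow local Bypass", "allow", {"http", "https", "ping"}, internal)
    # Constructed LEA subnets; not the addresses from the post.
    intended = Rule(*common, [parse_subnet("10.20.0.0", "255.255.0.0"),
                              parse_subnet("10.30.5.0", "255.255.255.0")])
    # Same rule, second mask mistyped as 0.0.0.0 (assumed typo) -> 0.0.0.0/0.
    typo = Rule(*common, [parse_subnet("10.20.0.0", "255.255.0.0"),
                          parse_subnet("10.30.5.0", "0.0.0.0")])
    deny_all = Rule("Default rule (Deny All)", "deny", set(), [], [])
    web = "203.0.113.10"                                # stand-in for www.madeupsite.com
    return {
        "intended_lea": simulate([intended, deny_all], "http", "192.168.1.50", "10.20.3.7"),
        "intended_web": simulate([intended, deny_all], "http", "192.168.1.50", web),
        "typo_web": simulate([typo, deny_all], "http", "192.168.1.50", web),
        "typo_ftp": simulate([typo, deny_all], "ftp", "192.168.1.50", web),
        "broad": [str(n) for n in overly_broad(typo)],
    }


if __name__ == "__main__":
    pprint(demo())
```

With the intended masks the web address falls through to the Deny All rule; with the mistyped mask the very same allow rule matches it, while an FTP packet to the same host is still denied because the protocol element fails. That last case is the point of the post's question: every element really must match, so when a narrow rule allows everything, the first thing to check is whether one of its network elements has quietly become "any".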