Instead of using the SSL/TLS (HTTPS) application in your rule, try creating a custom application on TCP port 443 and use that in your rule. That should work.
This traffic is probably not matching HTTPS and falling through that rule, hitting the Deny All rule. If you make a new rule with this custom 443 application and put it below your current HTTPS rule the traffic should work (because it will fall through one rule and hit the other).
Thanks for the response. I set up a custom app by choosing tcp/udp and specifying port 443. I did not select the "other" bullet. I selected ANY for endpts and that didn't work. I then selected the IPs in question for endpts and that didn't work. I set up subnets in defense bypass and selected them as endpts but that didn't work. I have a 'generic' ssl/tls rule set up upstream of this 443 rule with ANY as endpts. Still stumped... I appreciate your info though. Thanks. JK
I tested these sites with a 443 packet filter application and looked at tcpdumps:
- This site did not respond to my SYN requests. The connection timed out.
- This site FINed my connection.
The firewall never blocked anything or threw any errors. The first site timed out and the second site refused my connection.
Very interesting. Again, thanks for the help. Apparently there is something amiss with these websites. In fact I suspect there is a chance they may be controlling access to these sites on their end. I tried to get to them over lunch from outside the firewall and still no luck.
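The tcpdump observations in this thread (one site never answers the SYN, the other completes the handshake and immediately FINs) can be reproduced without a packet capture by classifying what a plain TCP connect to port 443 sees. The script below is an added example for this thread, not code from any of the posters or from the firewall vendor; `classify_tcp_port`, `start_listener` and `demo_loopback` are names chosen here, and the loopback listeners are constructed stand-ins for the two websites so the demo runs offline. Running `classify_tcp_port` against the real hosts from inside and outside the firewall, and comparing the two results, is the check that separates "the firewall dropped it" (timeout only from inside) from "the site refuses or closes it" (same result from both sides).

```python
import socket
import threading
import time


def classify_tcp_port(host, port, timeout=3.0):
    """Classify what a TCP connect to host:port observes.

    Returns one of:
      'timeout'        - no SYN-ACK within the timeout (silently dropped, like the first site)
      'refused'        - RST in reply to the SYN (nothing listening, or an RST-sending filter)
      'closed-by-peer' - handshake completed, then the peer sent FIN (like the second site)
      'reset'          - handshake completed, then the peer sent RST
      'open'           - handshake completed and the peer is waiting (a TLS server waits for ClientHello)
      'error'          - some other socket error (e.g. no route to host)
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
    except socket.timeout:
        s.close()
        return "timeout"
    except ConnectionRefusedError:
        s.close()
        return "refused"
    except OSError:
        s.close()
        return "error"
    # Handshake done. Peek at the stream: EOF means the peer closed (FIN),
    # a timeout means it is still holding the connection open for us.
    try:
        data = s.recv(1)
    except socket.timeout:
        return "open"
    except ConnectionResetError:
        return "reset"
    finally:
        s.close()
    return "closed-by-peer" if data == b"" else "open"


def start_listener(behaviour, hold_seconds=2.0):
    """Constructed stand-in for a remote site, bound on loopback.

    behaviour 'fin'  : accept the connection and close it at once (server-side FIN).
    behaviour 'hold' : accept and keep the connection open, as a TLS server does
                       while it waits for the client's first record.
    Returns the ephemeral port the listener is bound to.
    """
    ls = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    ls.bind(("127.0.0.1", 0))
    ls.listen(5)
    port = ls.getsockname()[1]

    def serve():
        ls.settimeout(10)
        try:
            conn, _ = ls.accept()
        except socket.timeout:
            ls.close()
            return
        if behaviour == "hold":
            time.sleep(hold_seconds)
        conn.close()
        ls.close()

    threading.Thread(target=serve, daemon=True).start()
    return port


def free_closed_port():
    """Find a loopback port with nothing listening, so a connect gets an RST."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port


def demo_loopback():
    """Run the classifier against the three constructed cases and return the results."""
    return {
        "fin": classify_tcp_port("127.0.0.1", start_listener("fin"), timeout=1.0),
        "hold": classify_tcp_port("127.0.0.1", start_listener("hold"), timeout=0.5),
        "refused": classify_tcp_port("127.0.0.1", free_closed_port(), timeout=1.0),
    }


if __name__ == "__main__":
    for case, result in demo_loopback().items():
        print(f"{case:8s} -> {result}")
    # Against a real host: classify_tcp_port("www.example.com", 443)
```

A 'timeout' result cannot be demonstrated on loopback (the local kernel always answers a SYN), which is exactly why it is the interesting outcome in the field: a SYN that is dropped rather than refused is what both a silently filtering firewall and a site that blackholes a source address look like, and only the inside-versus-outside comparison tells them apart.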