what sort of traffic is blocked? just typical port 80 traffic?
We have seen an issue where an "allow all" rule will not permit LDAP 389 traffic at random intervals. We can see the blocks recorded in the activity log. Are you using Connection Aware Groups (CAGs)?
Can we circle back to this one. I'm having issues with laptops not being able to authenticate to our servers. The logs show multiple error regarding TCP, "Blocked Outgoing TCP" ldap 389 and epmap 135.
What does your firewall rules policy look like? Are you using any connection/location aware groups? Have you confirmed that disabling the firewall restores communication?