ISA 2004 - Not processing rule?

From: Michael (mike_chan__at_hotmail.com)
Date: 02/13/05 

Date: Sun, 13 Feb 2005 12:34:20 +1100

I've just installed ISA 2004 Standard. It is pretty much in its default
Edge Firewall template configuration. The external interface is picking
up an IP address from an ISP via DHCP and this works fine through
modification of a DHCP Replies System Policy...although I'm a bit
skeptical about letting DHCP Replies come from the External interface -
I had to do this because it doesn't seem to pick up an IP address if the
lease has expired.

The problem I am facing is that when I create a firewall policy with the
following attributes;

Action: Allow
Protocol -> Selected Protocols -> My Custom Protocol (Outbound)
From: Local Host
To: External
Users: All Users
Schedule: Always
Content Types: All Content Types

My Custom Protocol (Outbound) is defined as TCP Outbound for port 5000
to 5001. No Application Filters are enabled.

I enabled this firewall policy and placed it just underneath the "Allow
DNS to the Internet" firewall policy. Its in position 3 of the Firewall
Policy list just above the Last Default Rule.

I now start up my custom application (configured to talk to destination
port 5000). This is what the logs tell me;
Destination: externalhostname (IP not provided)
Destination Port: 5000
Protocol: My Custom Protocol (Outbound)
Action: Denied Connection
Rule: Default Rule
Client IP: myexternalinterface (IP not provided)
Source Network: Local Host
Destination Network: External

Despite tweaking with the custom firewall policy for hours now, I can't
seem to get my ISA 2004 to recognise that the conditions are the same as
the custom firewall policy I defined.

Can anyone shed some light as to why its doing this? Has anyone had the
same experiences?

Thanks.