I'm stuck why this doesn't work, but basically I'm trying to allow devices connected to the LAN network of my SMB device access to the internet over certain ports.
Background: Locally managed 1430 appliance running R77.20.87
Access Policy (Firewall) is set to strict.
I've created a manual rule in the policy to allow internet access (top rule under Outgoing access to the Internet):
The service group "CFU_Internet" contains http, https, and ICMP.
What I'm seeing is traffic from the LAN network (172.x.x.x) to the internet is getting dropped on the last rule in the policy (rule 5 under Incoming, Internal, and VPN traffic):
What am I missing? Why isn't this traffic allowed by the first manual rule I created?
Dave