I have an allow rule based on Source Ip address in the BM3.9 access rules. The rule is the same as on the BM3.8 server. When the proxy is set to the BM3.8 server the access rules are honored and the server whose source IP is in the rule can access the internet. When I change the proxy to the new BM3.9 server I get the SSL sign on page of the bordermanager server.

Has the mechanism of access rules changed between BM3.8 and 3.9 in regard to allowing certain IP addresses access to the internet ?

The rule is created as follows (copied from XML backup file)

<AccessRule AccessType="HTTP" Action="1" Direction="0" License="" Log="1" RuleLocation="" RuleName="Allow BES server all HTTP" RuleNumber="45080a39" Current_RuleName="Rule:45080a39">
<URL Comparison="equals" Type="Configured" Value="Any" />
<SourceIPaddrList Comparison="equals" Value="">
<IPaddr endAddr="" startAddr="" subnet="" />