We have an specific server that needs to contact a server on the internet to verify infomation. It is done through port 443. So I made an exception.

Src. IFace: (Private)
Dst. IFace: (Public)

Packet type: www-https-st
Src. Port: All
ACK Bit Filtering: Disabled
Protocol: TCP
Dst. Port: 443
Statefull Filetring: Enabled

Src Addr Type: Host
Src IP Address: <the_IP_of the windows server>
Dest Addr Type: Host
Dest IP Address: <the_IP_of the server on the internet>

In FILT.CFG this looks like this;
EXCLUDE ENABLED NOLOG, INTRFACE:Q57_1_PRI IP:10.x.x.x, IP:pid=TCP port=443 srcport=<All> ackfilt=0 stfilt=1, INTRFACE:Q57_2_PUB IP:217.x.x.x,

A same filter is used for a unix host that needs to contact the same service for the same purpose, only the src IP Address is different.

A packetscan shows me that the request reaches the BM-server, Src 10.x.x.x:1250 Dst 217.x.x.x:443 This is on the private side, the public side does not show any packet with the 10.x.x.x nor 217.x.x.x addresses.

Is there something with my exception or is this something with BM. We have had more of this sort of packetproblems lately, where there were no problems befoe we updated from BM3.8SP5 to BM3.8SP2