We have a Windows-2008R2-Terminal-Server with 5 users. From these 5 users 4 are able to use a special application on this TS with access to a https-website (sort of creating a certificate). When the 5th user is trying to create a certificate, I can see packets with the TS-IP filtered by the BM36, where the other 4 users run through. When I disable packet-filtering on the BM-Server via INETCFG the 5th user can generate his certificates. And - I like this part - when packet-filtering gets enabled again via INETCFG, the 5th user keeps the ability until a server-restart.

I have no clue on where to start with my further research. All 5 users on the TS are supposed to have the same rights and same settings for internet-access, so why is one user blocked?

Any hint, guess or idea is highly appreciated.