Looks like you've got source ports set, where you should instead have destination ports set. An HTTP connection, for instance, can have anything as a source port. But it will have port 80 as the destination port.
Ports are services are the same thing. So "port 80" and "HTTP" mean the same thing, for instance. But the port applies to the service on the server, not the port the client is coming from. You've got it set so that the client will have to come from port 80 or 443 or whatever to be allowed out. What you want to do instead is set it so that it will allow outgoing traffic from any client port, as long as the destination port is 80 or 443 or whatever remote services you want to allow connections to.
Your rules from the images should be like below:INT / Source / Source Port / Destination / Destination Port / GatewayLAN / Lan Net / * / * / 80 (HTTP) / *LAN / Lan Net / * / * / 443 (HTTPS) / *.........LAN / Lan Net / * / * / 587 (SUBMISSION) / *Meaning, in most cases, you do the port/ service filtering on the destination port, as source port is randomly established, and is not the same as the service port.PS I don't mean to offend you, but this is pretty basic (ABC), and as you can see, other people around already gave you this solution, but without examples (as being quite basic stuff, they must have thought it was just a small "typo"/ misplacement!). Are you sure you know what you're doing? Since you said it involves users, and proxies, and so on and so forth, I guess it's about a production environment... If so, maybe someone with deeper knowledge/ experience (better both) might be much more appropriate for a production environment; should you maybe ask for help from a local IT guy/ company?!... Just suggesting!... Anyway, I wish you the best with your network!
Thank you for your answer, but i think we misunderstand each others here becasue you come to a conclusion that i dont know about the network or ports.
i am the IT / network guy. and it appear something was wrong with the firewall a A10 hardware and it been replaced and the firewall rules are working now.i start the post to check with other if i've missed something but the issue was the firewall and not me or the rules.
people are posting thread to ask for help/share experience not telling them who to hire or how bad/ good they knowlidge is.
QuoteThank you for your answer, but i think we misunderstand each others here becasue you come to a conclusion that i dont know about the network or ports.Sorry, mea culpa! Quotei am the IT / network guy. and it appear something was wrong with the firewall a A10 hardware and it been replaced and the firewall rules are working now.i start the post to check with other if i've missed something but the issue was the firewall and not me or the rules.Glad to hear you did find it and did solve it!Quotepeople are posting thread to ask for help/share experience not telling them who to hire or how bad/ good they knowlidge is.You are right, I shouldn't have said what I have said, even if it was certainly true, especially since it turns out it's not!I sincerely apologize for my post, and I truly regret I did cast a dark shadow over your expertise. In spite of having good intentions, this is a situation I am ashamed of generating. Please, one more time, excuse my lack of success trying to be only helpful.I wish you the best!
