OK, I got the feeling this is an easy one but it is escaping me. I recently removed a profile that was allowing 10.0.0.0/8:* and *.fqdn.* on a few of our roles in order to specify access to devices via resource policy. Now I have a vendor that is fine until WSAM launches; then he loses connectivity to his soft phone, Communicator, Outlook and anything on HIS network. Somehow I think I managed to tunnel all of HIS network's traffic through our IVE, which of course he has no route to.
SA4500 running 6.5R1
Any suggestions would be appreciated.
OK, I'm confused. What kind of "profile" did you remove? Did you add it back to see if it fixed your vendor's problem?
What settings does WSAM have in the role applied to this vendor? Are you forwarding traffic through WSAM based on process or destination?
OK, I figured it out. When I removed the general rule allowing access to 10.0.0.* for all traffic, I added it back as *:*, which then tunneled ALL traffic through WSAM; of course my outside vendors had no route back out to them, therefore killing their connections. I simply added 10.0.0.* into the role for which it was needed.