Troubleshooting firewall rules
At some point, there will be a situation where your firewall rules aren't doing what you think they should be doing, and our firewall troubleshooting skills are put to the test. The first step is to diagnose the problem (for example, nodes on the DEVELOPERS network cannot access the internet). If we can easily identify the interface or interfaces which are affected, then we can focus on that interface's ruleset.
It is probably a good idea to check the Floating Rules
tab first, since floating rules take precedence over rules for an individual interface, and if the problem is a misconfigured floating rule, then we can save a lot of time that we otherwise would spend double-checking an interface's ruleset. If you are running a proxy server on your firewall, you may want to check the settings on that, since a proxy server's allow and deny lists tend to supersede firewall rulesettings.
The next step is to check the firewall rules for the affected interfaces, keeping...