I enabled Access to protect our self hosted CRM (subdomain) using a rule to allow users ending in @domain.com
I then set a CORS rule to allow the main website lead form to submit data to the CRM.
(Curl, silent post.)
Allow-Control-Allow-Origin = domain name of main site.
Access-Control-Allow-Methods = Allow All Methods
Access-Control-Allow-Headers = Allow All Headers
After applying this, it takes much longer for the data to submit, and returns the success page, but a warning is appearing, "TCP Connection Reset by Peer."
I then deleted these rules and made a new policy for the IP of the server to BYPASS and it worked as expected.
Does anyone have an answer for this behavior?