I had same problem a few months ago. The explanation probably is that Ironport S works different way download and upload traffic. I suggest you to read in the help online about Cisco Ironport Data Security Policies. If you created a site or a regular expression to Allow it in the Access Pol, then the same category needs to be added to the Data Security Pol in case you are uploading a file to the same site.
Be aware that the site you upload data is well known. (Allowing access implies not checking web reputation and also not checking all kind of malware).
I suspect that the issue is related to an application used in the transaction and to have a better confirmation of this issue, you can add the user agent string to the access log using custom field %u. Once this is done, you can re-run the upload and capture the access log at the same time.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...