Last weekend I had to change my modem due to upgrades from my ISP.
Unfortunately the new modem doesn't allow me to put in bridge mode, so I gave the UTM a fixed IP-address on the External WAN interface and entered that IP-address as a DMZ address in the modem.
All IPSEC connections work again, so do my NAT-rules.
It seems however that since the change the webfiltering has become slow to extremely slow.
Some websites take several seconds (4 - 20) before starting to load.
Some websites take ages to load completely, usually in such a case after almost all the website got shown, the status bar shows google-analytics.com, or google.com or googly-syndicate.com, but also doubleclick.net and some others seem to stall loading these websites for a long time (sometimes over a minute).
It looks like that when a site is loaded and I reload it within a couple of minutes, then the reload is normal (new content shows up almost immediately and also the total loading time of the site is quick). If I wait too long I see the delays again.
Right now the only category I block is nudity. A/V scanning is on (single engine) and my machine is a Intel Core i5 4670 with 8GB of RAM and CPU governor switched to performance (but with ondemand it shows the same behavior).
When I switch off web filtering all delays are gone immediately, but they return as soon as web filtering gets enabled again.
Google (also just search it by entering search words in the browsers address bar) seems to always take a long time when webfiltering is switched on. On other sites I didn't really find same behavior on different visits, however the delays are really annoying.
I'm using the transparent filtering with no authentication and no https scanning
Guest User!
You are not Sophos Staff.
