After reviewing the logs, I disabled IPv6 and it appeared to reset several times (because it's the one thing that I hadn't done yet). Then all the settings were put back, so I disabled it again and IPv6 was finally disabled. I read another post where this issue occurred as well. I then deleted both of my WAN adapters and added them again. Now the transparent proxy is not only functional, but is also far faster than when I installed the image months ago.
The end result: the web performance increased dramatically. I had seen somewhat enhanced web performance when IPv6 was enabled before, but I'm using Comcast as an ISP, so they provide IPv6 at the modem now (they conduct their own tests with different modems that the FCC does not test)... no tunnel is needed. This may have caused some browsing effects with the internet, as IPv6 is resolved at the gateway modem.
When I enable the QoS on the WAN interface, the erratic browsing is back. Some web pages will not open and some will. In particular, SSL-enabled sites take a long time to open. So I bought a new router with StreamBoost technology (DGL-5500), because I wanted to plug this between the gateway router and the UTM, and it has a dynamic QoS that is in development between D-Link and Qualcomm. I'm not using it to steal any bandwidth from the ISP (switch to switch) and I'm saving tons of bandwidth with caching. I re-enabled the QoS on the WAN side and the SSL sites are all working correctly. I believe this had something to do with my home router by D-Link (DIR-865L). There are some firewall settings that I believe were restricted (Address and Port restriction settings will cause adverse browsing effects as they will block incoming traffic).
dilandau, to answer your question (my apologies), I'm not using the Generic Proxy to redirect web filtering; only the transparent proxy within the Web Filtering, nothing browser specific and not to other subnets. I did test the ability to apply the Web filtering to different subnets however (x.x.1.0/24 and x.x.2.0/24) and it works fine. I was able to set different Qualities of Service for different devices using different or static IP addresses. That worked great!
I used to have the Generic Proxy forward to IPFire, but IPv6 was a problem (it is not supported in IPFire), as well as comprehensive web filtering. It's not as mature as Sophos UTM. Sure, it can use domain or regex, but I just really don't know where their filtering lists come from or who's updating them. Then they added additional tools to browse anonymously, so I deleted that image quick... not part of that cause.
The base filtering wasn't working at first either. Now the profile will filter first and then fallback (now Base filter) will block all like I wanted. It could have been resolved when I created new WAN side interfaces.