
Best setup for unrestricted outbound traffic

I'd like to set up my UTM (home network) so that outbound traffic is pretty much unrestricted (except for performing analysis by IPS, Web Protection etc) therefore I thought the best way was to have a firewall rule for outbound traffic from "Internal (Network)" for "Any" traffic to "Internet-IPv4". This works fine for me.

I also have Web Protection enabled for "Internal (Network)" in transparent mode, with policies set up for various categories. For the most part this works, but I keep coming across occasions where things go wrong and get blocked or really slow. For example, some website download links fail or need many attempts to get started, video streaming services buffer for ages. If I disable Web Filtering things get back to normal, but the strange thing is that nothing ever gets logged for these "issues" - I've checked them all and I do see some entries for other things getting blocked but never for these issues I get. Makes troubleshooting rather difficult.

Then the other day, when I had a strange problem and nothing logged, I decided to tackle this differently. Instead of disabling Web Filtering, I disabled the outbound firewall rule mentioned above. Things then got back to normal but anything that did go weird, I could see log entries for them. Result. Unfortunately this meant that any machine/application needing external access needed to have outbound rules added to continue working.

I conclude then that my firewall rule is the cause of the issues and clashing with Web Filtering, but I'd like to know if this is expected behaviour or a bug? Is there another way I can have the unrestricted outbound access without interfering with Web Filtering?

Cheers,
Fernando



  • "I do see some entries for other things getting blocked but never for these issues I get." - Fernando, please post a line from the Web Filtering log file for one of those problems and we can probably tell you what's happening.

    Considering #2 in Rulz, your firewall rules cannot be clashing with Web Filtering - my guess is that it's servers that don't play well with proxies and that we'll see that in the log line.

    Cheers - Bob

  • Hi Bob,

    Thanks for the response - I will attempt to gather the info as soon as I can. I've just been a bit busy and also with other issues on my UTM when I needed to replace the SSL certificate I was using for one without SHA-1 in the list of intermediaries (got that sorted now).

    Cheers,

    Fernando