Unable to access certain websites from Guest Wireless

Question

I have an SG 310 running 9.414-2 and have run into a strange problem. There are two specific websites that users connected to the guest wireless are unable to access, but users on the wireless bridged to the LAN can access them just fine. 
 There is only one firewall rule in place (Guest>any>internet ipv4) The DHCP server is the Sophos unit and DNS servers are 8.8.8.8 and 4.2.2.2. I can ping and traceroute www.virtuoso.com from the guest wireless fine but all browsers time out. In firefox on Ubuntu I do notice "Performing a TLS handshake to www.virtuoso.com...." at the bottom of the window that stays until the page times out. 
 Switching to the internal wifi provides the same ping and traceroute results and connecting is no problem. 
 I'm pretty sure it is an issue with my config as I have the identical issue at three other sites all with similar wireless setups. 
 Any help/advice would be greatly appreciated!

Marcel Lanz · Answer

We have had exactly the same Issue you describe here. Even a TLS connect to virtuoso.com (openssl s_client -connect www.virtuoso.com:443) showed timeouts and also browsers where unable to connect to the domain you mentioned, beside some of ours. 
 I checked a lot of configuration but came by accident to the MTU Size of the Wifi Interface. It was set to 1450 whereas the other interfaces set to 1500. As I set the Wifi Interface MTU to 1500, everything was working. 
 Hope that helps for others having the same issue. The Wifi MTU Size was set by the UTM and might be a glitch or bug?