In https://community.sophos.com/products/unified-threat-management/astaroorg/f/98/t/68564, we were told that it wasn't possible to have a subnet covered by a Profile in a non-transparent mode and by transparent mode in the Default (Web Security >> HTTP/S).
Apparently, this issue was indeed addressed because I was able to reactivate the "offending" profile.
Hip!-Hip!-Hooray! for the developers!
Cheers - Bob
This thread was automatically locked due to age.
