  1. #1
    Untangler
    Join Date
    Oct 2009
    Posts
    82

    Firewall slows traffic and causes timeouts?

    Hi everyone,
    I have just recently put Untangle up between my mail, web, & DNS server and the internet. I noticed that when the Untangle Firewall is on, clients get very slow loading of the OWA page, for example. When the firewall is off, it's faster.

    When I have someone load the OWA page for example, ports 443 and 80 are open but yet when they hit enter the bars for block and pass shoot up, and there is nothing in the logs.

    I have all the ports I want open and the default rule is to block. Why is it so slow when the firewall is enabled?

  2. #2
    Untangle Ninja Solignis's Avatar
    Join Date
    Jul 2008
    Location
    Hudson, Ohio, USA
    Posts
    1,693

    Do you have the firewall set to Default Block? If so, turn it to Default Pass, then try it. The problem with a lot of web services I have played with is that they use random ports for the source port and things. You might be hosting OWA on port 80 and 443. But when the browser connects it uses a random port on the client end. That is at least how our computers seem to run.
    “Most good programmers do programming not because they expect to get paid or get adulation by the public, but because it is fun to program.” - Linus Torvalds

  3. #3
    Untangler
    Join Date
    Oct 2009
    Posts
    82

    Okay, that does make sense. Won't there be no point in having the firewall on if it just passes everything?

  4. #4
    Master Untangler dhtc's Avatar
    Join Date
    Sep 2008
    Location
    Canada
    Posts
    159

    The firewall just blocks outgoing connections. The block all setting causes more issues than it fixes, IMHO. I would set it to pass all and have one policy to log everything at the very least. Having a block on port 25 for everything but your mailserver (if you have one) is also a good idea.
    Dave

  5. #5
    mdh
    Untangle Ninja mdh's Avatar
    Join Date
    Aug 2007
    Posts
    4,802

    And also have a block on port 6667 outbound. If you get a bot or a trojan on your LAN, that helps to keep them from making contact with the mothership.
    This space reserved for profound thought.....which does happen on occasion.

  6. #6
    Untangle Ninja dwasserman's Avatar
    Join Date
    Jun 2008
    Location
    Argentina
    Posts
    3,965

    Quote Originally Posted by mdh View Post
    And also have a block on port 6667 outbound. If you get a bot or a trojan on your LAN, that helps to keep them from making contact with the mothership.

    6667 is the port used for the IRC protocol. Why block this?
    Let the people chat!!! :-)
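
The outbound policy suggested in posts #4 and #5 (default pass, block port 25 for everything except the mail server, block port 6667 outbound), modelled as a first-match rule list. This is an added example, not part of the thread and not Untangle's own code; the rule names, the mail server address 192.168.1.10 and the sample flows are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Flow:                          # one outbound session
    src: str
    sport: int                       # client-side ephemeral port; no rule below matches on it
    dst: str
    dport: int

@dataclass
class Rule:
    name: str
    action: str                      # "pass" or "block"
    dport: Optional[int] = None      # None matches any destination port
    src_net: Optional[str] = None    # None matches any source address
    negate_src: bool = False         # True: match every source except src_net

    def matches(self, f: Flow) -> bool:
        if self.dport is not None and f.dport != self.dport:
            return False
        if self.src_net is not None:
            inside = ipaddress.ip_address(f.src) in ipaddress.ip_network(self.src_net)
            if inside == self.negate_src:
                return False
        return True

MAIL_SERVER = "192.168.1.10/32"      # assumed address of the mail server

RULES = [
    Rule("smtp-only-from-mailserver", "block", dport=25,
         src_net=MAIL_SERVER, negate_src=True),
    Rule("irc-outbound", "block", dport=6667),
]

def evaluate(flow, rules=RULES, default="pass"):
    """Return (action, rule_name); the first matching rule wins, else the default."""
    for rule in rules:
        if rule.matches(flow):
            return rule.action, rule.name
    return default, "default"

FLOWS = [  # constructed sample flows
    Flow("192.168.1.10", 49152, "203.0.113.5", 25),    # mail server sending mail
    Flow("192.168.1.57", 51515, "203.0.113.5", 25),    # workstation speaking SMTP directly
    Flow("192.168.1.57", 50001, "198.51.100.7", 6667), # IRC from the LAN
    Flow("192.168.1.57", 6667, "198.51.100.9", 443),   # source port 6667, destination 443
]

if __name__ == "__main__":
    for f in FLOWS:                  # log every decision, as post #4 suggests
        print(f, "->", evaluate(f))
```

The rules match on destination port only, so the last flow passes even though its source port happens to be 6667.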
