Hello Forum, we are rolling out web filtering and I am troubled by websites that are legit and allowed by policy, not connecting. S360, latest released code. One is site www.msn.com. We have done some sniffing around the device. When I go to it and sniff proxy interface of the S360, all we see are unresponded to SYN packets. When I direct connect with browser proxy settings it immediately beings working properly. It has worked properly in recent past. I have made no changes I am really aware of. We use WCCPv2 from a Cisco 6500 to the S360. When snifffing firewall above the 360 we so no traffic from to msn dns resolved addresses. When direct to proxy it is fine. Sometimes it will connect for a brief time, sometimes a timeout, sometimes only some bare text from the site. Accesslogs look normal. Nslookup from s360 varies sometimes. Evict from cache says it is not in. Have added to proxy bypass and custom URL allow list. No diff. Something inside the box is having a problem. We added a bunch of domains from the windows update issue before and are still in. Anyone seen this? Pcaps available.