First question: it really depends on how many existing xlates you might have in the NAT table, and also how is your connection between the FWSM to the GUI? It could be a combination of both that causes the delay.
Second question: capture should show the packets as soon as the traffic/packets are hitting the interfaces. If the traffic does not hit the actual interface, it will not show on the packet capture. It is the first thing that shows for packet going inbound to the interface, and it will be the last thing before packet left the interface going outbound.
You might want to open a TAC case to get the 2 issues investigated closer.
For the first question, since you have a thousand rules, around 2 mins is actually already quite fast to retrieve all the 1000 lines of ACL. Those ACL needs to be retrieved from the FWSM and the connectivity between the FWSM and the GUI is via HTTPS, so it needs to transfer the 1000 lines of ACL from the FWSM towards the GUI.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...