
Issues After 9.405-5 update

Hey All,

  I noticed under the VPN section that there have been issues with the SSL VPN connections; however, ever since I updated to 9.405-5 last night, almost all secure traffic I try to send (HTTPS & SSH) seems to fail and not go outbound. Or, a better description is that I can make an HTTPS connection to a site, and if I try to continue to browse the site, the connection times out or resets... SSH connections to systems have been failing too. I can ping these systems, but secure connections fail...

  Am I going nuts here with this, or are my issues and the SSL VPN issues potentially all related?



This thread was automatically locked due to age.
  • I think I'm hitting this issue as well. For the past 4 weeks my Obihai VOIP box and my Sprint Airave 2.5+ have both stopped working through the UTM.

  • Hi All,

    To all, the workaround on this issue is to disable "Pharming" in the Web Protection > Filtering options > Misc >  Pharming.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support

  • x12Mike said:

    I would have to concur that my issue is related to the MTU bug.  I just checked my outside interface, and yes, it's set to 576.

    If there is a patch coming soon, I'll wait it out, but if not, I'll follow the thread above to try to resolve manually.

    sachingurung said:

    Hi All,

    To all, the workaround on this issue is to disable "Pharming" in the Web Protection > Filtering options > Misc >  Pharming.

    Thanks

    Pharming is not relevant to the MTU DHCP challenge described above.
    (Disabled Pharming, and UTM still accepts an MTU of 576 from DHCP server making.)
    Testing with an MTU of 576 I'm able to Netflix and HBO, it's just "a bit laggy" at times. I'm able to surf (slowly), and also ping as long as the packet is small enough.
    Based on the description above it seems Windows has a better implementation of Path MTU Discovery than the Linux client used.
    How come this is so hard? Optional usage of the MTU value from a DHCP server would be a start.
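
The last post's suggestion, making use of the DHCP-supplied MTU optional, as an added example that is not part of the thread and is not Sophos code: it parses the Interface MTU option (code 26, RFC 2132) from a constructed lease and applies a hypothetical policy. The names `choose_mtu`, `honor_dhcp` and the 1280-byte floor are assumptions made for illustration.

```python
import struct

OPT_PAD, OPT_END, OPT_INTERFACE_MTU = 0, 255, 26  # RFC 2132 option codes
IPV6_MIN_MTU = 1280  # assumed policy floor (the IPv6 minimum link MTU)

# Constructed sample options field: message type ACK, subnet mask,
# Interface MTU = 576 (0x0240), end marker.
SAMPLE_OPTIONS = bytes.fromhex("350105" "0104ffffff00" "1a020240" "ff")

def parse_dhcp_options(data: bytes) -> dict:
    """Parse a DHCP options field (bytes after the magic cookie) into {code: value}."""
    opts, i = {}, 0
    while i < len(data):
        code = data[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:          # single-byte padding, no length field
            i += 1
            continue
        if i + 1 >= len(data):
            raise ValueError("truncated option header")
        length = data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} is truncated")
        opts[code] = value
        i += 2 + length
    return opts

def offered_mtu(opts: dict):
    """Return the MTU offered in option 26, or None if the lease carries none."""
    raw = opts.get(OPT_INTERFACE_MTU)
    if raw is None:
        return None
    if len(raw) != 2:
        raise ValueError("Interface MTU option must be 2 bytes")
    return struct.unpack("!H", raw)[0]

def choose_mtu(opts: dict, configured=1500, honor_dhcp=False, floor=IPV6_MIN_MTU):
    """Hypothetical policy: return (mtu_to_apply, reason)."""
    mtu = offered_mtu(opts)
    if mtu is None:
        return configured, "lease carries no MTU option"
    if not honor_dhcp:
        return configured, f"ignored DHCP MTU {mtu}: option not honoured"
    if mtu < floor:
        return configured, f"rejected DHCP MTU {mtu}: below floor {floor}"
    return mtu, f"applied DHCP MTU {mtu}"

if __name__ == "__main__":
    for honor in (False, True):
        print(honor, choose_mtu(parse_dhcp_options(SAMPLE_OPTIONS), honor_dhcp=honor))
```

With the constructed lease, the configured MTU is kept in both runs: first because the option is not honoured, then because 576 is below the floor.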