iOS apps content delays

I have a T35-W running 12.5.11 and an AP125 access point.

Some iOS apps are showing signs of delay when connected to my WiFi and I'm struggling to identify a cause.

Example 1
Opening the Amazon shopping App, the initial home/screen of the app opens but its content can take around 10 seconds to appear.

Example 2
Apple News app, opens successfully, but content can take 10 seconds to appear.

Switching to mobile data and running the apps again, the data loads immediately.
So, something in my setup is delaying data and I can't work out why.

I have HTTP, HTTPS and an Outgoing proxy dedicated for mobile devices and I've tried turning off Subscription services (such as Gateway AV and WebBlocker) but the problem remains.

What should my next steps be in my investigation?

Thanks in advance.



  • Options

    Is your incoming bandwidth high, near max utilization?
    Than could be a cause.

    What does a speed test show from an iOS device ?

  • Options
    Hi Bruce.
    No. There’s negligible traffic within the network and external interferences the same.

    Firebox CPU utilisation is similar.

    Speedtest shows 145Mbps but there was a long delay in that starting too.

  • Options

    I don't have that problem.
    My Amazon app opens with content very quickly.

    Try setting up an Any packet filter for the IP addr of a test iPhone.
    If content opens quickly, then look at the policies that are being used to allow this content.

    I have logging enabled on all of my policies, and for all of my HTTP & HTTPS proxy action active options, so I can see what is happening in Traffic Monitor or in my log server.

  • Options

    Hi Bruce.
    Here's some info from my tests:

    1) All mobile devices are on an Alias - I don't believe that this use of Aliases in rules has an impact.
    2) I deleted all rules specifcally applicable to the mobile alias.
    3) Created new HTTP, HTTPS and TCP-UDP proxies for the mobile alias.
    4) No improvement.
    5) DNS Proxy which was applicable to all alias: changes to a packet filter... no improvement.

    I haven't used an Any Packet filter before... I'll try tomorrow.


  • Options

    When I click on the Amazon app, I quickly see a ton of log records in Traffic Monitor because of all of the logging options that I have turned on on my HTTPS proxy action & the HTTP proxy action on the HTTPS proxy action.

    The majority of the log records are Headers being stripped - many beginning with x-

    I do use a DNS proxy with Query Names being displayed so that I can see the DNS queries being requested.
    I also deny DNS over HTTPS - DNS type 65 because you can't see the DNS queries.

  • Options

    Also, I use FSM Traffic Monitor, with Max log messages set to 25K.
    This allows me to see a lot of entries for a specific IP addr over a period of time.

  • Options

    @Bruce_Briggs said:
    Also, I use FSM Traffic Monitor,** with Max log messages set to 25K**.
    This allows me to see a lot of entries for a specific IP addr over a period of time.

    Thanks for that one - didn't realise that option existed.

  • Options

    So, it may be related to one IP address.

    nondata event 'CHAN_READ_BLOCKED: 174: -> [A txr] {N }' Debug

  • Options


    1) I've reset the Network Settings on the suspect iPhone. No change.
    2) Couldn't really see any issues on the Traffic Monitor (but that's just probably me...)
    3) Deleted the 'Alias' from the Firewall settings and created a new one with different name...

    Monitoring... will report back.

  • Options is Akamai - which doesn't help understand this.

    Consider adding a DNS proxy with DNS type 65 set to Deny and Query Names set to Log, at least for this one IP addr.

    That may help identfying what the access is that is getting the CHAN_READ_BLOCKED

  • Options

    I can’t work this out. :'(
    Things are unusable. On an iPhone, tum off the Wi-Fi and apps and websites load instantly.
    Going to continue looking.

  • Options

    Try using a packet filter for this IP address

  • Options

    Will do.
    Thanks Bruce.

Sign In to comment.