OT: Router

[Paul Welsh]

Sorry this is OT but I'm sure I'll get some sensible answers here.

I've been playing with the Sophos SC1000 appliance that scans web pages for
nasties before end users get to see them.  This web content scanning malarky
is going to be "a big thing" I'm sure.

Anyhow, for my sins I'm running MS ISA Server 2004.  Stuck the Sophos
appliance on its own DMZ and pointed its default gateway at the Internet via
an el cheapo Netgear router configured to do NAT which is connected in turn
to a high speed ADSL line via an el cheapo BT ADSL router operating in
non-NAT mode.

All works fine except certain web sites, eg, Natwest online banking.  The
https page where you enter your customer ID loads.  You enter your ID and it
hangs before reaching the page where you enter random characters of your PIN
and password.  Likewise, some web mail sites (non-secure) hang at certain
points.  I think the web mail site is hanging when it tries to run a .pl
page.

After a lot of head scratching it turned out to have nothing to do with the
appliance.  A different PC connected to the router exhibited the same
problems.  Gave the appliance a public IP and stuck it on the Internet and
it works fine.   This configuration is, I understand, not officially
supported though.

Time to buy a better router?  Any recommendations?  The router isn't
configured to do anything odd and I have rebooted it.

I intend placing 2 servers running MailScanner on the same DMZ at a later
date.  Is it sensible therefore to buy a decent router/firewall to protect
this segment?  Smoothwall / monowall worth a go?