We have a R80.20 standalone gateway. We use URL filtering and application control, consequently, have a rule to block different web categories. After installing the latest jumbo hotfix, the rule that blocks web categories rejects packets in https traffic instead of dropping. This happens because connections which could not be redirected (to user check block portal for https, this is an expected issue) are now rejected and seems to close the whole session, see sk158293
Translating this to my environment and if I am not wrong, when user browsed to a website and parts of the site (other links like adverts) are blocked per the rule, the user cannot be redirected to User Check Block portal and the whole session is rejected.
As a workaround, I split the rule and created a specific one to block only web adverts in which users are not redirected to the Check Block portal. Doing so, there is no reject actions and session is not close, users can brose a website in which some parts are dropped for being web adverts. Actually, this makes sense as adverts are links embedded into the main web, so we don't need to show the Check Block Portal for them.
I hope this can help others