All inspection settings were made according to the guidelines and best practices. Initially, we used a certificate issued by our CA for Check Point, namely a certificate for a subordinate CA. Accordingly, client machines in the domain trusted him. Clients use Windows OS. The preferred browser is Chrome, but some also use FireFox, which needs to be additionally configured so that it accesses the system certificate store. As a result, the certificates are where they should be, clients trust them. We turn on the inspection and observe strange behavior when opening web pages. Something is opend, something is not, something is partial. In search of reasons, we changed the certificate to a self-signed CheskPoint, extended it to clients, but unfortunately, the picture remained the same.
One could say that the load for the 6200 is too heavy. 300 users. But according to CPView, the load on the cores is 35 percent on average, there is enough memory.