FG-90E, Explicit Proxy, Authentication rules.
Windows10 machine moved from HQ to remote office doesn't have Internet.
The long story:
We are replacing old router and old proxy with FortiGate-90E. This is done on 2 stages - replacing router and replacing proxy. 1st stage done. Now we configured Explicit proxy on the FG and done with rules (office365 here) so we are at the test phase where changing local PC proxy address should work. Explicit proxy works with authentication rules & ActiveDirectory.All is OK for HQ.
For the remote there are some old WindowsXP computers - working fine. One server had "IE enhanced security configuration", but after removing it it was working.
We thought we are done, but when one Windows10 machine was moved to the remote site there is no Internet.
Authentication is OK.
Windows firewall is off.
There's ping from W10 to FG and vice versa.
There are syn packets coming on FG interface and synack packets sending to the W10 machine, but the browser (Edge) says "waiting to connect to proxy" or something like that.
Let's say it again, this machine was working OK in the HQ. The WinXPs are working. (but they are scheduled for replacing with win10 :( )
I'm pretty sure there is something very simple in win10 conf that must be done, but don't know what.
I'm attaching basic topology.