Messages

I have an opnsense running the following:
Board N100
Ram 32 GB
SSD:528
Version   25.7.11_2   
Architecture   amd64

With IPS mode OFF on suricata, I get 1300 mbps on speedtest
With IPS mode ON, I get ~500 mbps on speedtest.
I have all the hardware filtering settings on Interface turn OFF. See attached.

How can I get my provisioned bandwidth of 1300 mbps with IPS Mode ON?

For my guest network, I have configured adguard home for blocking and caching and unbound to do recursive queries. I have also configured a port forward rule to redirect any external dns 53 queries to unbound.  The guest network has internet and the external queries to dns port 53 queries are being redirected properly.
The only issue is that my the adguard home blocking list and settings are now longer being applied to the guest clients.  I do not see the clients in the query logs.  How can I configure adguard home for the guest clients?
Below in my config for adguard home, guest firewall rules and NAT port forward rules. For the port forward rule, the NAT reflection is "Use system default".