Do you also see this when connecting by IP Address (https://192.168.66.2:3173
Check the Content Filter log for one of the new failed connection attempts. What does it say?
If something in the web proxy is still blocking the connection (there can be more than one), we can try creating an exception for that webapp. If you don't know what component may be the issue, you can begin by either adding components to the exception list one by one or add them all at first, then remove one by one. In both cases testing between add or removal until you find the culprit.
Another possibility is that since the traffic is being forced by proxy setting through the Astaro, even though it's in and out through the same interface, that other sections of Astaro are coming into play. Possibilities here are Packet Filter, IPS, and IM/P2P. Check those logs and it wouldn't hurt to do a quick temporary PF allow rule for port 3173 just to test.
Last thing that comes to mind right now is are you just setting in the browser that all web traffic should go through the proxy (Astaro), or are you using a wpad.dat or proxy.pac? It's generally considered best practice to bypass proxy usage for intranet sites in order to avoid the same issues that you're experiencing. http://findproxyforurl.com/pac_file_examples.html
give some examples. This can also be done directly in the browser settings. For IE it'll be a checkbox for "Bypass proxy settings for local addresses".