Support #1368
Reject rules when out of band
Status: Closed
Priority: Normal
Assignee: -
Affected Versions:
Label:
Description
I'm trying to use the reject action to send reset packets when using Suricata out of band using a span port. Running Suricata 2.0.5.
For my testing, I'm using an IP address for an internet webserver. When I create the reject rule, I am seeing the Suricata alert. Using packet capture, I am seeing a few reset packets coming to my computer, and the website does struggle to load, but it eventually does load. When Suricata is not running, the website loads instantly and I do not see reset packets.
Do you have any suggestions for fully preventing the connection while out of band? I would really like to avoid going inline. Using drop packets would work better, although that is not an option because the server is out of band.
Thanks!