Not able to access SSL web site via a transparent proxy due to PTR query that fails

book

Article ID: 166723

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

 

Troubleshooting
The first step is to get a PCAP to confirm the issue. For example the image below shows that the connection from the client PC does reach the SG unit and that the SG then attempts to perform a PTR query on the site IP.
In some cases a DNS server will not respond to a PTR query so that SG unit does not get a response back.
 
Resolution
To fix the issue all you need to do is set the SG not to perform a PTR query, this can be done via the VPM under Configuration > Set Reverse DNS Lookup Restrictions.

Attachments