All of the below scenarios assume that a packet capture taken on the proxy shows SYN packets sent from the proxy to the server IP address, with no SYN,ACK responses.
Typically, the browser and/or event logs show a tcp_error, this means the upstream network is not responding to the proxy. This article elaborates on the following related article: Error: "Network error (tcp_error)" when browsing the Internet; 503 error returned to the client, focusing here on the situation where bypassing the proxy resolves the issue, which due to the superficial logic, tends to lead customers down the wrong line of investigation.
This article lists the most common causes of this, in order to help the customer to investigate in the right direction. This is important since in cases like this, the proxy is already doing all it can to make the connection. Even though this scenario very clearly indicates an issue with either the upstream network, or an upstream device or even the server itself, very often users are still able to access the site when bypassing the proxy, and so ignore the packet capture evidence and focus incorrectly on the proxy.
All of these causes have been seen, some of them very often, in real-life production networks, and are worth investigating when the proxy gets no response to its SYN calls, even if bypassing the proxy resolves it.
1- Statistically, the most common point of failure is a firewall.
This is not an exhaustive list, but issues seen include:
2- Web server issues that are resolved when bypassing the proxy.
3- Routing problems on the network.
4- Other upstream devices - web categorising, filtering or scanning devices and agents can drop SYN packets at random due to software bugs.
Just two examples of many, here: