Troubleshooting Issues with Nessus Plugin Updates that Traverse a ProxySG


Article ID: 169138


Updated On:


ProxySG Software - SGOS


Unable to update Nessus Vulnerability Assessment Tool via ProxySG in Explicit Connection.

Nessus Plugin Feed server IP:

# nessuscli update --all
----- Fetching the newest updates from -----
[error] Could not connect to through proxy <ProxySG IP: 8080
[error] Nessus Plugins: Failed to send HTTP request to
Nessus Plugins: Failed

[error] Could not connect to through proxy <ProxySG IP: 8080
[error] Nessus Core Components: Failed to send HTTP request to
Nessus Core Components: Failed

* Failed to update Nessus Plugins
* Failed to update Nessus Core Components


Packet capture shows request with user-agent string Nessus/* and 406 Response. Reason is because the http CONNECT request header syntax is not acceptable. It is not accepted and 406 Response will be sent by ProxySG immediately without applying policy rules.

Request Header

Host: :443
Connection: keep-alive
Proxy-Connection: Keep-Alive
User-Agent: Nessus/6.5.2

Response Header
HTTP/1.1 406 Not Acceptable
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Proxy-Connection: close
Connection: close
Content-Length: 652

<TITLE>Request Error</TITLE>
Request Error (unsupported_protocol)
Your request used a protocol that is not currently supported.
For assistance, contact your network support team.




By default ProxySG parse HTTP requests strictly and rejecting all syntax errors. A workaround is to configure ProxySG in CLI to tolerate certain syntax errors in HTTP requests.

> enable
# show http
# config t
#(config) http tolerant-request-parsing

NOTE: This will enable tolerant-request-parsing