What HTTP response code does the ProxySG return to a CONNECT request?

Article Id: 169351

Status: Published

Updated On: 13-05-2017 12:35

Legacy Id: TECH246232

Products:

ProxySG Software - SGOS

Issue/Introduction:

Protocol detection enabled. SSL interception enabled:
The ProxySG will return a "200 Connection established" to a CONNECT request, even if the request is denied by policy. The access denied response is returned to the client within the SSL session.

Protocol detection enabled. No SSL interception defined:
The behavior is similar to the above. By default, the ProxySG intercepts SSL on exception and returns the access denied response to the client within the SSL session.

Protocol detection enabled. SSL interception disabled by policy:
The ProxySG will still return a "200 Connection established" to a CONNECT request. However, the browser will show a "page cannot be displayed" type message because the ProxySG cannot return an access denied response without intercepting SSL.

Protocol detection disabled:
The ProxySG will return a "403 Forbidden" to a CONNECT request if protocol detection is disabled.