book
Article ID: 169351
calendar_today
Updated On:
Issue/Introduction
Protocol detection enabled. SSL interception enabled:
The ProxySG will return a "200 Connection established" to a CONNECT request, even if the request is denied by policy. The access denied response is returned to the client within the SSL session.
Protocol detection enabled. No SSL interception defined:
The behavior is similar to the above. By default, the ProxySG intercepts SSL on exception and returns the access denied response to the client within the SSL session.
Protocol detection enabled. SSL interception disabled by policy:
The ProxySG will still return a "200 Connection established" to a CONNECT request. However, the browser will show a "page cannot be displayed" type message because the ProxySG cannot return an access denied response without intercepting SSL.
Protocol detection disabled:
The ProxySG will return a "403 Forbidden" to a CONNECT request if protocol detection is disabled.