Unable to Establish Secure ICAP Connection between Network Prevent for Web and the Proxy

book

Article ID: 170015

calendar_today

Updated On:

Products

Data Loss Prevention Network Prevent for Web

Issue/Introduction

After following the instructions in TECH220170 (Configuring Secure ICAP for Network Prevent for Web), the connection between Network Prevent for Web and the Proxy is still failing.

In the Stunnel log, it can be found:

<date> <time> LOG7[main]: Remove session callback
<date> <time> LOG7[main]: Deallocating application specific data for session connect address

Cause

The proxy does not accept connections with TLSv1.

Environment

Network Prevent for Web
Web Proxy
Secure ICAP

Resolution

Modify the stunnel configuration file (stunnel.conf) to include:

sslVersion = all

options = NO_TLSv1