Verdict connect_method_denied in the Cloud Secure Web Gateway Service report
search cancel

Verdict connect_method_denied in the Cloud Secure Web Gateway Service report

book

Article ID: 173607

calendar_today

Updated On: 09-05-2023

Products

Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

The Cloud Secure Web Gateway (SWG) report shows a verdict of connect_method_denied.

  • connect_method_denied appears in the portal report when the page is blocked.
  • Cannot access a web page because the connection method was denied.

 

Environment

Cloud Secure Web Gateway (SWG)

Cause

Cloud Secure Web Gateway only allows web traffic over ports 80 and 443 by default.

Resolution

Cloud Secure Web Gateway can be configured to allow connections to non-standard ports.

Allow non-standard ports:

  • VPN/Firewall access method:
    • The All Ports license will allow any port to pass through the Cloud SWG service.
    • The Cloud Firewall Service will allow any port to pass through the Cloud SWG service via Policy > Cloud Firewall Service.
    • Domain bypass at the firewall from the IPSec tunnel will prevent traffic from going through Cloud SWG service. This workaround will allow traffic to use the non-standard port.

  • WSS Agent (WSSA):
    • The Cloud Firewall Service will allow any port to pass through the Cloud SWG service via Policy > Cloud Firewall Service.
    • Forward specific ports in the Cloud SWG portal via Connectivity > WSS Agent > Forwarding Ports.
    • Bypass the domain from the Cloud SWG service via Connectivity > Bypassed Traffic > Bypassed Domains.

  • Explicit Proxy
    • Bypass the domain from the Cloud SWG service via Connectivity > Bypassed Traffic > Bypassed Domains.
Powered by Wolken Software