search cancel

Unified Agent unable to connect via TCP due to tunnel error


Article ID: 175299


Updated On:


Web Security Service - WSS


Repeatedly getting the error message below in Unified Agent (UA) logs, as well as a CTC response with "ACTIVE(POSTCHK)" with the IP addresses of three data centers.

Setting client to RETRY because of a tunnel error

Attempting to connect to cloud via TCP


Web Security Service

Unified Agent


Ensure traffic generated by UA is not being intercepted by other security measures between the client and your gateway. This includes putting it on the bypass lists of any intrusion detection, network inspection, or protocol detection systems that inspect traffic on your internal network. These disrupt the flow of packets that are meant to form a tunnel and cause UA to fail to establish a connection to a data center.

Refer to Required Locations, Ports, and Protocols for documentation on UA network requirements.