Your ICAP connector receives an ICAP 502 Bad Gateway response from Symantec Protection Engine (SPE)
C: FILEMOD icap://169.254.62.101:1344/SYMCScanRespEx-AV ICAP/1.0
C: Host: 169.254.62.101:1344
C: X-Filepath: /tmp/test.txt
C: Connection: close
C: Encapsulated: null-body=0
S: ICAP/1.0 502 Bad Gateway
S: ISTag: "24CE0504214948822CCF6434E0C4F7AB"
S: Date: Tue Nov 3 21:59:25 2020 GMT
S: Service: Symantec Protection Engine/220.127.116.11
S: Service-ID: SYMCSCANRESPEX-AV
SPE 7.x, 8.x
SPE cannot access the specified file at the location indicated in your connector's FILEMOD request. This is the only cause for an ICAP 502 Bad Gateway response.
Access can fail for reasons including but not limited to:
If the file path is for a network location (including locally mounted network storage such as an Azure blob or an AWS S3 bucket), then there may be a delay between when the scan request is created and when the file is actually available from SPE's perspective. For example, if your connector is monitoring the network storage, it may see the file as available and send the request before the file is available on the mount point, causing this result.
Ultimately, you will need to find the environmental factor that is causing file access to fail. Ensure the following:
This response is not logged on SPE in either the scanning logs (<install dir>/log/) or the CSAPI logs if they have been enabled.