When Secure ICAP is enabled per Configure the secure ICAP options clients can no longer connect to Symantec Protection Engine (SPE) on the standard ICAP port configured (default 1344).

This is by design, when secure ICAP is enabled for SPE, the SPE instance in question no longer listens for standard ICAP communications.

Workaround

If both secure and standard ICAP are required in the same environment, Symantec recommends implementing at least two SPE servers, one to provide secure ICAP, and one to provide standard ICAP.