Upload and download are not working when the GitBash CLI traffic is forwarded to WSS/CASB. The client is showing an authentication failed error for the target repository.

As of 3.147, the GitHub Gatelet does not support CLI-based traffic. Therefore, the customer should consider isolating the GitBash CLI traffic from sending to CASB when configuring the proxy forwarding.

The proxy admin can isolate the GitBash CLI traffic from the browser-based traffic based on the user-agent tag. Below is an example of the rules that need to be added to the Proxy:

First, the customer needs to identify the GitBash Cli traffic:

define condition exclue_cli_github

request.header.user-agent="git"

end

Then the proxy admin need to exclude this from the WSS forward list:

<Forward Cloud> condition=casb_groups conditions=WSS_Forward_List condition=!exclude_cli_github