Getting 503 response when uploading a file through the Proxy and DLP is scanning the file.
search cancel

Getting 503 response when uploading a file through the Proxy and DLP is scanning the file.

book

Article ID: 250043

calendar_today

Updated On:

Products

ISG Proxy ProxySG Software - SGOS

Issue/Introduction

The proxy have a policy for ICAP Request mode to send the object to a DLP server.

User try to upload a file but failed to do so and the developer tool on the browser is showing a 503 response from the proxy.

When bypassing SSL interception, it works fine.

 

Cause

The issue is due to the DLP server is blocking or dropping the uploaded file.

The proxy HTTP debug shows the following error:

4034.013 HTTP   Explicit HTTP INFO   HTTP CW 193BB730A40             PEXID: 25 (ICAP Error)
4034.013 HTTP   Explicit HTTP INFO   HTTP CW 193BB730A40             exception id 25
...
4034.013 HTTP   Explicit HTTP INFO   HTTP CW 193BB730A40             Terminating connection with response code 503
...
4033.470 HTTP   Explicit HTTP INFO   HTTP CW 193BB730A40             request from: 10.10.10.11, URL: https://www.example.com

 

The packet capture will show the proxy sent a TCP SYN packet but didn't get a response or the initial TCP handshake with the DLP server was successful but there was no ICAP respond.

 

Resolution

This is more of an issue on the network side or the DLP server.

Create a rule in the proxy to bypass DLP scanning and the user able to upload the file without any issue.

Powered by Wolken Software