"Proxy Response status: 403 URLBlocked " error received from proxy after moving Enforce to a new server 
search cancel

"Proxy Response status: 403 URLBlocked " error received from proxy after moving Enforce to a new server 

book

Article ID: 267222

calendar_today

Updated On:

Products

Data Loss Prevention Enforce

Issue/Introduction

After moving Enforce to a new server you observed a "Proxy Response status: 403 URLBlocked " erro in the MonitorController0.log and DLP services keep restarting every couple of minutes.

1. Connection to Symantec Cloud Gateway is terminated

May 23, 2023 12:58:10 PM com.symantec.dlp.services.csgconnection.ConnectionStateManager onDisconnected
INFO: Connection to ConnectionIdentifierId [hostName=gw2.csg.dlp.protect.symantec.com, port=443] is terminated.

2. Proxy Response status: 403 URLBlocked

May 23, 2023 12:59:01 PM com.symantec.dlp.communications.common.activitylogging.JavaLoggerImpl log
SEVERE: 
java.lang.Exception: Proxy Response status: 403 URLBlocked
at com.symantec.dlp.communications.transportlayer.impl.NettyTransportConnection.handleProxyResponse(NettyTransportConnection.java:1165)
at com.symantec.dlp.communications.transportlayer.impl.NettyTransportConnection.messageReceived(NettyTransportConnection.java:1124)
at org.jboss.netty.channel.SimpleChannelHandler.handleUpstream(SimpleChannelHandler.java:88)
 
(...)
 
TC - Unexpected exception  for connection number 939 at 2023-05-23 12:59:01. Failure response received from proxy.Connection statistics:
Connection Number = 939
PeerId = null
StartTime = 2023-05-23 12:59:01.593
Disconnected Time = Not Yet Disconnected
Duration Of Connection In Millis = 96
                    Bytes Dequeued  Bytes Enqueued
HTTP                             0               0
SSL                          3,948              82
Connection specific high frequency logs for connection number = 939. There is no peerId information for this connection.
DateTime                 Event                                                   ReplicatorId     Num Bytes  AdditionalInformation
-----------------------  ------------------------------------------------------  ---------------  ---------  --------------------
2023-05-23 12:59:01.572  DC - Scheduling succeeded                                                        0  ScheduledToServiceInNanos=19999987000             
2023-05-23 12:59:01.572  NCE - Connect requested                                                          0  
2023-05-23 12:59:01.593  NCE - Connected                                                                  0  
2023-05-23 12:59:01.593  TC - Connection opened                                                           0  RemoteHostAndPort=/10.10.10.10:8080              
2023-05-23 12:59:01.594  TC - Connection accepted by connection acceptor                                  0  RemoteHostAndPort=/10.10.10.10::8080              
2023-05-23 12:59:01.594  NCE - Write outbound data                                                       82  NumSSLBytesToBeWritten=82                         
2023-05-23 12:59:01.686  NCE - Inbound message received                                                3948  NumSSLBytesReceived=3948                          
2023-05-23 12:59:01.686  TC - Unexpected exception                                                        0  Failure response received from proxy.  

3. Internal communication error show up:

May 23, 2023 12:59:01 PM com.vontu.logging.LocalLogWriter write
WARNING: Internal communications error.. Internal communications error. Please see MonitorController.log for errors. Search for the string TC - Unexpected exception.

 

Environment

Release: 15 +

Resolution

Make sure that one of the below URL is allowed in proxy:

https://gw.csg.dlp.protect.symantec.com (US Service)

OR

https://gw2.csg.dlp.protect.symantec.com (EU Service)

Refer to: Article ID: 163949 DLP Cloud Service enrollment: error requesting client certificate from Symantec Managed PKI Service

Powered by Wolken Software