Application was receiving an ICAP 502 response
search cancel

Application was receiving an ICAP 502 response

book

Article ID: 279113

calendar_today

Updated On:

Products

Protection Engine for Cloud Services Protection Engine for NAS

Issue/Introduction

Protection Engine is deployed to Rocky Linux.  When sending scan requests through, the following error is received:

 ALLOWED
ICAP server Name: server.example.com
ICAP server URL: icap://10.x.x.x:1344/avscan
Duration of Scanning: 0 ms
ICAP Status: 522
Result of Scanning: ALLOW
ResultMessage: Transfer ALLOWED - ICAP server connection error, denyOnConnectionError option set to [false].
Custom Headers: None

Environment

SPE 9.1

Cause

The route to the SPE server could not be established. Through a packet trace it was evident that the initial contact TCP [SYN] and response TCP [ACK] were occurring. But afterward there was nothing but failures in the form of packet retransmission

Resolution

The issue had to do with routing. Entries needed to be added to the host routes specifying a different gateway, on the SUSE Linux server hosting the application. 

Powered by Wolken Software