User is able to access other sites normanly however some site they are unable to load properly via Cloud SWG.

If we look at the requests in the browser developer tools we see we're getting proper response from OCS except for some specific requests we're getting HTTP response 5xx which indicate server side error.

Cloud SWG

Universal Policy Enforcement (UPE)/Management Center (MC).

Portal Managed policy

OCS sending HTTP response code 5xx due to additional headers(i.e. X-Bluecoat-Via, X-Forwarded-For) being added by Cloud SWG on outgoing web requestes to OCS.

Refer to the following steps for respective policy management

> UPE/MC managed policy

Please add the following CPL to UPE VPM > CPL Layer (i.e. preferred placment at the end of last CPL Layer) then Install the policy to your Cloud SWG tenant.

#if enforcement=wss

define condition BC_ocs_fix_broken_by_via_header
    url.domain=example.com
end

define condition Broken_by_proxy_hint_x_forwarded_for
 url.domain=example.com
end

#endif

Above mentioned CPL will remove the X-Bluecoat-Via and X-Forwarded-For headers for all outbound requests sent to OCS (i.e. example.com) by Cloud SWG.

Important note: You do not need to create any rule in proxy layer referencing above mentioned conditions as on Cloud SWG side pre-configured rules configured againts those definations to remove those headers.

> Portal Managed policy

Please reach out to Broadcom teachnical support to have Policy Fragement enabled for specific affected domain/site on your Cloud SWG tenant.