Warning An error has occurred accessing sites through CloudSWG
Article ID: 402657
Updated On:
Products
Issue/Introduction
Accessing certain URL's through CloudSWG return browser Warning "An error has occured" when SSL Intercept is enabled in policy.
Har file shows http status error 500 Internal Server Error when accessing certain sites.
Environment
CloudSWG - WSSA
CloudSWG - IPSEC
Cause
request header 'Via' value='threatpulse'
The purpose of the "via:threapulse" request header is for websites to know that the traffic seen is coming from a proxy and that they are NOT being attacked from the concentration of traffic from our proxies. There are some websites that don't like it and return http status errors. In this specific case an http status 500 error is being returned by OCS. In such cases you can use the suggested resolution section to address the issue.
Resolution
Remove the CloudSWG request Via threatpulse header.
- If your policy is being managed by CloudSWG portal policy, contact Broadcom Support to assist you with backend policy.
- If you manage your CloudSWG policy using UPE you can use the example CPL policy below to remove the request via:threatpulse header in a new or existing CPL layer.
Please use the following CPL example in a CPL layer, replacing example domains shown below with needed domains.
define condition domains_remove_via
url.domain=example1domain.com
url.domain=example2domain.org
url.domain=example3domain.net
url.domain=example4domain.gov
end
define action remove_threatpulse_via
delete( request.header.Via)
end
<Proxy>
condition=domains_remove_via action.remove_threatpulse_via(yes)
Feedback
