Remove X-Bluecoat-Via Header to avoid error - Network Error (gateway_error)
search cancel

Remove X-Bluecoat-Via Header to avoid error - Network Error (gateway_error)

book

Article ID: 167710

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

Some devices can generate errors due to the X-Bluecoat-Via header. 

Some examples are listed below but are not all-inclusive.

  • Network Error (tcp_error) when going to a website
  • Network issue upstream due to the X-Bluecoat-Via Header
  • Network Error (gateway_error)

    An error occurred attempting to communicate with an HTTP or SOCKS gateway.
    The gateway may be temporarily unavailable, or there could be a network problem.

    For assistance, contact your network support team.

  • You may see the following messages in the HTTP debug log .
    • 3424.106 HTTP   Explicit HTTP INFO   H2 CW 106EC840A40                      Terminating connection with response code 504
      3424.106 HTTP   Explicit HTTP INFO   H2 CW 106EC840A40                      Returning exception 'gateway_error' to client
      3424.106 HTTP   Explicit HTTP ERROR  H2 CW 106EC840A40                  Detected proxy loop while parsing X-BlueCoat-Via header, returning gateway_error exception

Resolution

Table of Contents

Remove the header for a specific destination

The example below shows how to remove the header via CPL and VPM. 

This error occurs because the OCS resets GET requests where the header contains X-BlueCoat-Via. To allow access to the page, create a rule that can suppress the X-BlueCoat-Via header from the request.

Copy the following CPL into the local policy file. If help is needed to add CPL to Local Policy: https://knowledge.broadcom.com/external/article/165957/add-cpl-to-a-local-policy-file-on-the-pr.html

<Proxy>
    url.domain=//<websitename>.com/ action.Remove_X-Bluecoat-Via(yes)

define action Remove_X-Bluecoat-Via
    delete( request.header.X-BlueCoat-Via )
end

or create a VPM policy in the Web Access Layer  using the following rule:

  • Destination— Request URL: websiteaddress
  • Action—Control Request Header, Header Name: X-BlueCoat-Via, Supress

Remove the X-Bluecoat-Via Header from ALL traffic

Copy the following CPL into the local policy file:

<Proxy>

    action.Remove_X-Bluecoat-Via(yes)

define action Remove_X-Bluecoat-Via

    delete( request.header.X-BlueCoat-Via )

end

To create a VPM policy in the Web Access Layer with a source/destination of ANY ANY with the same action as shown above.

  • Source — ANY
  • Destination— ANY
  • ​Action—Control Request Header, Header Name: X-BlueCoat-Via, Suppress

The X-Bluecoat-Via Header is used to keep the proxy from inspecting the traffic a second time should a loop in the network path occur.
For more information regarding this please see "Why the ProxySG sends a header "X-Bluecoat-Via:?"

Powered by Wolken Software