KB Article | Forcepoint Support

WCG error log shows clients attempting to connect to port 80 on the external firewall

Article Number: 000003863
Products: Forcepoint V10000 Appliance, Forcepoint V20000 Appliance, Forcepoint V5000 Appliance, Forcepoint Virtual Appliance, Forcepoint Web Security, Forcepoint X Series Appliance, TRITON AP-WEB, Web Filter & Security, Web Security Gateway, Web Security Gateway Anywhere, Web Security and Web Filter
Version: 8.5, 8.4, 8.3, 8.2, 8.1, 8.0, 7.8, 7.7, 7.6, 7.5, 7.1, 7.0
Last Published Date: June 16, 2020

Problem Description

The WCG error log shows connections from the clients to port 80 on the external firewall or other NAT gateway. This is due to the Noscript plug-in installed on the client's internet browser.

Following is an example:

20100821.12h12m36s CONNECT:[1] could not connect [5] to <Destination-IP-Address> for 'http:// <Hostname-or-IP-Address> /'

repeated 4 more times then

20100821.12h12m36s RESPONSE: sent <Internal-IP-Address> status 502 (Connect Error <Connection refused/111>) for 'http:// <Hostname-or-IP-Address>/'

Resolution

This can be safely ignored. If wanted, it is possible to block this connection by doing the following:

Open Websense Content Gateway > Configure > Security > Access Control
Click Edit File
Select Rule Type: Deny
Type dest_ip: <external IP of your Internet gateway>

Keywords: port 80; noscript plugin; 502; access control; filter.config; authentication bypass; port 80 in logs

Article Feedback

Is the article related to the topic you are looking for?
Yes No

Did the information in this article answer your question or resolve your issue?
Yes No

Comments

Thank you for the feedback and comments.

Tools & Links

Featured Articles Home Product Support Life Cycle Certified Product Matrix Upgrade Centers Support Videos

Want 24/7 Tech Support?

Learn more