WCG error log shows clients attempting to connect to port 80 on the external firewall
- Article Number: 000003863
- Products: Forcepoint V10000 Appliance, Forcepoint V20000 Appliance, Forcepoint V5000 Appliance, Forcepoint Virtual Appliance, Forcepoint Web Security, Forcepoint X Series Appliance, TRITON AP-WEB, Web Filter & Security, Web Security Gateway, Web Security Gateway Anywhere, Web Security and Web Filter
- Version: 8.5, 8.4, 8.3, 8.2, 8.1, 8.0, 7.8, 7.7, 7.6, 7.5, 7.1, 7.0
- Last Published Date: June 16, 2020
Problem Description
The WCG error log shows connections from the clients to port 80 on the external firewall or other NAT gateway. This is due to the Noscript plug-in installed on the client's internet browser. Following is an example: 20100821.12h12m36s CONNECT:[1] could not connect [5] to <Destination-IP-Address> for 'http:// <Hostname-or-IP-Address> /' repeated 4 more times then 20100821.12h12m36s RESPONSE: sent <Internal-IP-Address> status 502 (Connect Error <Connection refused/111>) for 'http:// <Hostname-or-IP-Address>/' |
Resolution
This can be safely ignored. If wanted, it is possible to block this connection by doing the following:
Keywords: port 80; noscript plugin; 502; access control; filter.config; authentication bypass; port 80 in logs |
Article Feedback
Want 24/7 Tech Support?
Learn more