WCG error log shows clients attempting to connect to port 80 on the external firewall
- Article Number: 000003863
- Products: Forcepoint V10000 Appliance, Forcepoint V20000 Appliance, Forcepoint V5000 Appliance, Forcepoint Virtual Appliance, Forcepoint Web Security, Forcepoint X Series Appliance, TRITON AP-WEB, Web Filter & Security, Web Security Gateway, Web Security Gateway Anywhere, Web Security and Web Filter
- Version: 8.5, 8.4, 8.3, 8.2, 8.1, 8.0, 7.8, 7.7, 7.6, 7.5, 7.1, 7.0
- Last Published Date: June 16, 2020
The WCG error log shows connections from the clients to port 80 on the external firewall or other NAT gateway. This is due to the Noscript plug-in installed on the client's internet browser.
Following is an example:
20100821.12h12m36s CONNECT: could not connect  to <Destination-IP-Address> for 'http:// <Hostname-or-IP-Address> /'
repeated 4 more times then
20100821.12h12m36s RESPONSE: sent <Internal-IP-Address> status 502 (Connect Error <Connection refused/111>) for 'http:// <Hostname-or-IP-Address>/'
This can be safely ignored. If wanted, it is possible to block this connection by doing the following:
Keywords: port 80; noscript plugin; 502; access control; filter.config; authentication bypass; port 80 in logs