HTTPS connections stop working after upgrade to WebMarshal 6.1 or above


This article applies to:

  • WebMarshal 6.X and 7.X

Symptoms:

  • Upgraded from WebMarshal 6.0 to 6.1 or above
  • WebMarshal has direct access to the Internet
  • Some non-browser software connections to the Internet stop working and return a 502 error.
  • Skype failing
  • Citrix Metaframe Server connections failing

Causes:

  • In WebMarshal 6.0, when WebMarshal could access the Internet directly, non-browser software was ALWAYS allowed to create HTTPS tunnels. The setting "Allow unidentified software to create tunnels" was not respected in this scenario.
    • The setting worked correctly if WebMarshal was chained to another proxy server.
  • In WebMarshal 6.1 and above, the setting works as expected for all connections. Depending on the installed versions, unidentified software is NOT allowed to create tunnels by default.

Resolution:

If you want to allow these connections, apply the setting "Allow unidentified software to create HTTPS tunnels." For details of this setting, see Help for the installed version.

Notes:

In WebMarshal 6.1 and above, this setting only applies to connections that are not inspected by WebMarshal (either because HTTPS rules are disabled, or because the connection is excluded from inspection by WebMarshal rules).


Last Modified 6/12/2008.
https://support.trustwave.com/kb/KnowledgebaseArticle12083.aspx