BlueCoat Access Denied (connect_method_denied) and Network Error (tcp_error)

Lindows used Ask the Experts™

I'm using bluecoat proxy.
When I try to access this internal https website that  uses a non-standard SSL port
https://starshow:8880/cgi-bin/home/index.cgi, I get

Access Denied (connect_method_denied)
Your request attempted a CONNECT to a port "8880" that is not permitted by default.  
This is typically caused by an HTTPS URL that uses a port other then the default of 443.  

When I change the VPM-CPL to
<proxy> http.method=CONNECT url.port=8880 allow

I then get:

Network Error (tcp_error)
A communication error occurred: "" 
The Web Server may be down, too busy, or experiencing other problems preventing it from responding to requests. You may wish to try again at a later time.  

What other changes do I need to make to make this work?
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

http.method=CONNECT port=8880 ALLOW

(not url.port but just port)

Let me see if I can find the KB article for this (for reference and other ideas) but I am pretty sure it is just port  


I just tried it but I get "Unknown tag: 'port' "

<proxy> http.method=CONNECT port=8880 ALLOW eof1273851127918 % Load failed with error(s) Policy installation Compiling new configuration file: Inline configuration Fri, 14 May 2010 15:32:24 UTC Error: Unknown tag: 'port' cpl.vpm:2: http.method=CONNECT port=8880 ALLOW There was 1 error and 0 warnings
Exploring SharePoint 2016

Explore SharePoint 2016, the web-based, collaborative platform that integrates with Microsoft Office to provide intranets, secure document management, and collaboration so you can develop your online and offline capabilities.


I've changed it to allow all by
http.method=CONNECT ALLOW

but still getting the Network Error (tcp_error).
I think it might be the name resolution issue.

Is there a way to manually add a host to IP mapping in the hosts file in bluecoat SG?


It seems there isn't a hosts file in bluecoat but there's a forwarding option.
I've tried the following but I don't think it's doing the forwarding.
SG#(config forwarding)create starshow https=8880 server

Added the forwarding policy to my existing proxy policy :
http.method=CONNECT ALLOW

server_url.domain=starshow forward(starshow)

Anyone experienced in doing this?
I resolved it.
After adding the policy to allow all ports,
edited the DNS entry for the name resolution.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial