BlueCoat Access Denied (connect_method_denied) and Network Error (tcp_error)

Lindows
Lindows used Ask the Experts™
on
Hello

I'm using bluecoat proxy.
When I try to access this internal https website that  uses a non-standard SSL port
https://starshow:8880/cgi-bin/home/index.cgi, I get

Access Denied (connect_method_denied)
Your request attempted a CONNECT to a port "8880" that is not permitted by default.  
This is typically caused by an HTTPS URL that uses a port other then the default of 443.  

When I change the VPM-CPL to
<proxy>
url.host=starshow http.method=CONNECT url.port=8880 allow

I then get:

Network Error (tcp_error)
A communication error occurred: "" 
The Web Server may be down, too busy, or experiencing other problems preventing it from responding to requests. You may wish to try again at a later time.  

What other changes do I need to make to make this work?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
Try
http.method=CONNECT url.host=starshow port=8880 ALLOW

(not url.port but just port)

Let me see if I can find the KB article for this (for reference and other ideas) but I am pretty sure it is just port  

Author

Commented:
I just tried it but I get "Unknown tag: 'port' "

<proxy> http.method=CONNECT url.host=starshow port=8880 ALLOW eof1273851127918 % Load failed with error(s) Policy installation Compiling new configuration file: Inline configuration Fri, 14 May 2010 15:32:24 UTC Error: Unknown tag: 'port' cpl.vpm:2: http.method=CONNECT url.host=starshow port=8880 ALLOW There was 1 error and 0 warnings
Exploring SharePoint 2016

Explore SharePoint 2016, the web-based, collaborative platform that integrates with Microsoft Office to provide intranets, secure document management, and collaboration so you can develop your online and offline capabilities.

Author

Commented:
I've changed it to allow all by
http.method=CONNECT ALLOW

but still getting the Network Error (tcp_error).
I think it might be the name resolution issue.

Is there a way to manually add a host to IP mapping in the hosts file in bluecoat SG?

Author

Commented:
It seems there isn't a hosts file in bluecoat but there's a forwarding option.
I've tried the following but I don't think it's doing the forwarding.
SG#(config forwarding)create starshow 192.168.10.100 https=8880 server
ok

Added the forwarding policy to my existing proxy policy :
<proxy>
http.method=CONNECT ALLOW

<FORWARD>
server_url.domain=starshow forward(starshow)

Anyone experienced in doing this?
Commented:
I resolved it.
After adding the policy to allow all ports,
edited the DNS entry for the name resolution.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial