cancel
Showing results for 
Search instead for 
Did you mean: 

502: badgateway McAfee Web Gateway - Notification

Jump to solution

Hi Everyone.

We've deployed McAfee Secure Web Gateway 7.8.2 last year (Nov), shortly after we received reports from our internal staff that the following email client (Works a bit like Outlook Web App) keeps disconnecting the session after x amount of mins (idle time).

https://mail.rslsteeper.com/webmail/

IP Address: 62.6.136.11

I've noticed after running Wireshark that there is a TCP RST (attached screenshots) which is basically the point where the users get kicked off and are having to re-authenticate on the logon page to get back in. There is some foul play from SWG as when I turn off the proxy on each PC, there is no issue.Wireshark-502.JPGWireshark-Off-Proxy.JPG502.png

Please advise.

Many thanks.

Ahmed.

1 Solution

Accepted Solutions
Highlighted
Reliable Contributor marcus69
Reliable Contributor
Report Inappropriate Content
Message 2 of 3

Re: 502: badgateway McAfee Web Gateway - Notification

Jump to solution

 

Hi  @a-ahmed 

well if there is a timeout problem you may use ProxyControl in a dedicated rule for the mentioned site to enhance the timings for this connection:

2019-06-07 10_12_12-MWG-ProxyControl-Timeout.png

 

 

 

 

 

 

 

 

 

 


If that does not help, another approach would be to disable SSL Scan for this special Website by adding it to the list "SSL Tunneled Hosts" which is typically found on the ruleset named "Handle CONNECT Call".
But please keep in mind that the Webgateway would not be able to scan for Malware on Websites that have the SSL Scanner disabled!

Best regards
    Marcus

 

 

2 Replies
Highlighted
Reliable Contributor marcus69
Reliable Contributor
Report Inappropriate Content
Message 2 of 3

Re: 502: badgateway McAfee Web Gateway - Notification

Jump to solution

 

Hi  @a-ahmed 

well if there is a timeout problem you may use ProxyControl in a dedicated rule for the mentioned site to enhance the timings for this connection:

2019-06-07 10_12_12-MWG-ProxyControl-Timeout.png

 

 

 

 

 

 

 

 

 

 


If that does not help, another approach would be to disable SSL Scan for this special Website by adding it to the list "SSL Tunneled Hosts" which is typically found on the ruleset named "Handle CONNECT Call".
But please keep in mind that the Webgateway would not be able to scan for Malware on Websites that have the SSL Scanner disabled!

Best regards
    Marcus

 

 

Re: 502: badgateway McAfee Web Gateway - Notification

Jump to solution
Marcus! That worked! 🙂

I just hope it stays that way but it looks like after setting up the rule set for overriding the HTTPS timeout AND adding the url into the SSL whitelist worked a treat.

Many thanks!

Ahmed.
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community