cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Can not access websites

Jump to solution

Hello,

I have problems getting a website via Web Gateway. It can be reached via free internet at the same time.

Via Web Gateway the page is staying blank.

In Rule Tracing I couldn't find any block.

Tracert shows, that the destination is reachable:

tracert sweetsoulxmasrevue.com

Routenverfolgung zu sweetsoulxmasrevue.com [217.160.223.220]
über maximal 30 Hops:

(first hops are local hops to the Public Adress)

  6    14 ms     8 ms     8 ms  92.79.219.17
  7    10 ms     9 ms    10 ms  92.79.214.238
  8    15 ms    14 ms    15 ms  145.254.2.195
  9    16 ms    15 ms    15 ms  145.254.2.195
 10    16 ms    14 ms    14 ms  decix.bb-a.fra3.fra.de.oneandone.net [80.81.192.123]
 11    15 ms    19 ms    18 ms  ae-1.bb-c.act.fra.de.oneandone.net [212.227.120.90]
 12    17 ms    17 ms    18 ms  ae-4.bb-b.bs.kae.de.oneandone.net [212.227.120.18]
 13    16 ms    18 ms    18 ms  kundenserver.de [217.160.223.220]

This is what I've got through Connection Tracing:

Server:

09:45:44.368: Connect: Would block (EPOLLOUT, EPOLLONESHOT, EPOLLERR) [xdeletedIPv6Adressx]:80 (fd = 1238, date = 27.12.2018, MWG 7.8.1.6.0-26087)
09:45:44.390: Connection is still ok
09:45:44.390: Connection is still ok
09:45:44.390: PostConnect: ok (local addr [xdeletedIPv6Adressx]:51494)
09:45:44.390: Send 321 bytes; offset = 0
>>>
GET /de HTTP/1.1
Host: sweetsoulxmasrevue.com
Accept: text/html, application/xhtml+xml, image/jxr, */*
Pragma: no-cache
User-Agent: xdeletedx
Accept-Encoding: gzip, deflate
Accept-Language: de-DE
Via: Forward Proxy
Connection: Keep-Alive

<<<
09:45:44.390: Receive: Would Block (EPOLLIN, EPOLLONESHOT)
09:45:44.466: Received 206 bytes
>>>
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 27 Dec 2018 08:45:44 GMT
Server: Apache
X-Powered-By: PHP/5.4.45

2



<<<
09:45:44.467: Receive: Would Block (EPOLLIN, EPOLLONESHOT)
09:45:44.473: Received 5 bytes
>>>
0

<<<
09:46:07.076: Releasing and closing FD (fd = 1238, 0)

Client:

09:45:44.336: Accepted connection on ProxyIP1/ProxyIP2:8080 from ClientIP:53677 (fd = 258, date = 27.12.2018, MWG 7.8.1.6.0-26087)
09:45:44.337: Receive: Would Block (EPOLLIN, EPOLLONESHOT)
09:45:44.340: Received 324 bytes
>>>
GET http://sweetsoulxmasrevue.com/de HTTP/1.1
Accept: text/html, application/xhtml+xml, image/jxr, */*
Accept-Language: de-DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: sweetsoulxmasrevue.com
Proxy-Connection: Keep-Alive
Pragma: no-cache

<<<
09:45:44.348: Send 14141 bytes; offset = 0
>>>
HTTP/1.1 407 AuthenticationRequired
Via: ProxyIP (McAfee Web Gateway 7.8.1.6.0.26087)
Date: Thu, 27 Dec 2018 08:45:44 GMT
Content-Type: text/html
Cache-Control: no-cache
Content-Length: 13790
Proxy-Connection: Keep-Alive
Proxy-Authenticate: Negotiate
Proxy-Authenticate: NTLM
Proxy-Authenticate: Basic realm="Proxy Authentication"

09:45:44.348: Connection is still ok
09:45:44.351: Receive: Would Block (EPOLLIN, EPOLLONESHOT)
09:45:44.359: Received 1460 bytes
>>>
GET http://sweetsoulxmasrevue.com/de HTTP/1.1
Accept: text/html, application/xhtml+xml, image/jxr, */*
Accept-Language: de-DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Pragma: no-cache
Host: sweetsoulxmasrevue.com
Proxy-Authorization: Negotiate

09:45:44.359: Received 2920 bytes
>>>

09:45:44.359: Received 1101 bytes
>>>

09:45:44.467: Connection is still ok
09:45:44.467: Connection is still ok
09:45:44.473: Connection is still ok
09:45:44.479: Send 213 bytes; offset = 0
>>>
HTTP/1.1 200 OK
Via: Forward HTTP Proxy Kunden
Date: Thu, 27 Dec 2018 08:45:44 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.4.45
Proxy-Connection: Keep-Alive
Transfer-Encoding: chunked

<<<
09:45:44.479: Send 7 bytes; offset = 0
>>>
2



<<<
09:45:44.479: Send 5 bytes; offset = 0
>>>
0

<<<
09:45:44.481: Receive: Would Block (EPOLLIN, EPOLLONESHOT)
09:46:07.075: Receive: errno: 104 - 'Connection reset by peer' (104)
09:46:07.076: Shutdown with error 107
09:46:07.076: Received FIN
09:46:07.076: Releasing and closing FD (fd = 258, 0)

 

Second Try

Server

09:46:07.298: Connect: Would block (EPOLLOUT, EPOLLONESHOT, EPOLLERR) [xdeletedIPv6Adressx]:80 (fd = 861, date = 27.12.2018, MWG 7.8.1.6.0-26087)
09:46:07.319: Connection is still ok
09:46:07.319: Connection is still ok
09:46:07.319: PostConnect: ok (local addr [xdeletedIPv6Adressx]:52114)
09:46:07.320: Send 321 bytes; offset = 0
>>>
GET /de HTTP/1.1
Host: sweetsoulxmasrevue.com
Accept: text/html, application/xhtml+xml, image/jxr, */*
Pragma: no-cache
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Accept-Language: de-DE
Via: Forward Proxy
Connection: Keep-Alive

<<<
09:46:07.320: Receive: Would Block (EPOLLIN, EPOLLONESHOT)
09:46:07.396: Received 206 bytes
>>>
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Thu, 27 Dec 2018 08:46:07 GMT
Server: Apache
X-Powered-By: PHP/5.4.45

2



<<<
09:46:07.397: Receive: Would Block (EPOLLIN, EPOLLONESHOT)
09:46:07.404: Received 5 bytes
>>>
0

<<<
09:47:14.971: Releasing and closing FD (fd = 861, 0)

Client

09:46:07.116: Accepted connection on ProxyIP1:8080/ProxyIP2:8080 from ClientIP:53689 (fd = 290, date = 27.12.2018, MWG 7.8.1.6.0-26087)
09:46:07.117: Receive: Would Block (EPOLLIN, EPOLLONESHOT)
09:46:07.165: Received 324 bytes
>>>
GET http://sweetsoulxmasrevue.com/de HTTP/1.1
Accept: text/html, application/xhtml+xml, image/jxr, */*
Accept-Language: de-DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: sweetsoulxmasrevue.com
Proxy-Connection: Keep-Alive
Pragma: no-cache

<<<
09:46:07.173: Send 14141 bytes; offset = 0
>>>
HTTP/1.1 407 AuthenticationRequired
Via: ProxyIP (McAfee Web Gateway 7.8.1.6.0.26087)
Date: Thu, 27 Dec 2018 08:46:07 GMT
Content-Type: text/html
Cache-Control: no-cache
Content-Length: 13790
Proxy-Connection: Keep-Alive
Proxy-Authenticate: Negotiate
Proxy-Authenticate: NTLM
Proxy-Authenticate: Basic realm="Proxy Authentication"

 

09:46:07.173: Connection is still ok
09:46:07.176: New logical connection SockOpts unchanged. TCP window not empty: 6841 bytes (or 5 packets)
09:46:07.176: Receive: Would Block (EPOLLIN, EPOLLONESHOT)
09:46:07.288: Received 2920 bytes
>>>
GET http://sweetsoulxmasrevue.com/de HTTP/1.1
Accept: text/html, application/xhtml+xml, image/jxr, */*
Accept-Language: de-DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Pragma: no-cache
Host: sweetsoulxmasrevue.com
Proxy-Authorization: Negotiate

 

09:46:07.288: Received 1460 bytes

 

09:46:07.288: Receive: Would Block (EPOLLIN, EPOLLONESHOT)
09:46:07.288: Received 1101 bytes

 

09:46:07.397: Connection is still ok
09:46:07.397: Connection is still ok
09:46:07.404: Connection is still ok
09:46:07.408: Send 213 bytes; offset = 0

 

HTTP/1.1 200 OK
Via: Forward HTTP Proxy Kunden
Date: Thu, 27 Dec 2018 08:46:07 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.4.45
Proxy-Connection: Keep-Alive
Transfer-Encoding: chunked

<<<
09:46:07.408: Send 7 bytes; offset = 0
>>>
2



<<<
09:46:07.409: Send 5 bytes; offset = 0
>>>
0

<<<
09:46:07.411: Receive: Would Block (EPOLLIN, EPOLLONESHOT)
09:47:14.971: Shutdown was ok
09:47:14.971: Releasing FD with pending data (fd = 290, 1)

 

1 Solution

Accepted Solutions
McAfee Employee aloksard
McAfee Employee
Report Inappropriate Content
Message 2 of 3

Re: Can not access websites

Jump to solution

Hi,

Hope you are doing well.

Issue is reproducibale  at my end if I add Via header for the request being sent from MWG to destination serve.  I also get blank page.  At same destination server does not provide response content.

 

Below is seen  at my end:-

 

GET /de HTTP/1.1

Host: sweetsoulxmasrevue.com

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36

Accept-Encoding: gzip, deflate

Accept-Language: en-GB,en-US;q=0.9,en;q=0.8

X-Forwarded-For: 172.19.212.56

Upgrade-Insecure-Requests: 1

Via: 1.1 172.19.212.109 (McAfee Web Gateway 7.8.2.4.0.27219)

Connection: Keep-Alive

 

HTTP/1.1 200 OK

Content-Type: text/html

Transfer-Encoding: chunked

Connection: keep-alive

Keep-Alive: timeout=15

Date: Thu, 27 Dec 2018 12:41:23 GMT

Server: Apache

X-Powered-By: PHP/5.4.45

 

2

 

 

 

0

 

 

Remove Via header for this traffic and website will work fine. Please refer attached screenshot for reference.  At your end also I see Via header being added for request being sent from MWG to destination server .   Via: Forward Proxy  this is what is being seen at your end.

 

 

Also please refer below link for more information on Via header and how to remove it:-

 

https://community.mcafee.com/t5/Documents/Web-Gateway-Via-and-X-Forwarded-For-Headers-Proxy-Loop/ta-...

 

Regards

Alok Sarda

2 Replies
McAfee Employee aloksard
McAfee Employee
Report Inappropriate Content
Message 2 of 3

Re: Can not access websites

Jump to solution

Hi,

Hope you are doing well.

Issue is reproducibale  at my end if I add Via header for the request being sent from MWG to destination serve.  I also get blank page.  At same destination server does not provide response content.

 

Below is seen  at my end:-

 

GET /de HTTP/1.1

Host: sweetsoulxmasrevue.com

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36

Accept-Encoding: gzip, deflate

Accept-Language: en-GB,en-US;q=0.9,en;q=0.8

X-Forwarded-For: 172.19.212.56

Upgrade-Insecure-Requests: 1

Via: 1.1 172.19.212.109 (McAfee Web Gateway 7.8.2.4.0.27219)

Connection: Keep-Alive

 

HTTP/1.1 200 OK

Content-Type: text/html

Transfer-Encoding: chunked

Connection: keep-alive

Keep-Alive: timeout=15

Date: Thu, 27 Dec 2018 12:41:23 GMT

Server: Apache

X-Powered-By: PHP/5.4.45

 

2

 

 

 

0

 

 

Remove Via header for this traffic and website will work fine. Please refer attached screenshot for reference.  At your end also I see Via header being added for request being sent from MWG to destination server .   Via: Forward Proxy  this is what is being seen at your end.

 

 

Also please refer below link for more information on Via header and how to remove it:-

 

https://community.mcafee.com/t5/Documents/Web-Gateway-Via-and-X-Forwarded-For-Headers-Proxy-Loop/ta-...

 

Regards

Alok Sarda

Re: Can not access websites

Jump to solution
Thank You very much! Removing the Via-Header did it.
ePO Support Center Plug-in
Check out the new ePO Support Center. Simply access the ePO Software Manager and follow the instructions in the Product Guide for the most commonly used utilities, top known issues announcements, search the knowledgebase for product documentation, and server status and statistics – all from within ePO.