I have the same error for another internet web app, how can i troubleshoot via ssh the access.log?
1 of 1 people found this helpful
"502 Bad Gateway" is a pretty generic error message that points out that something between MWG and the remote server went down.
If you can replicate the issue and need assistance to understand what is going on, please file an SR with support. There is no "generic" answer for this kind of error messages.
Temp... I add under my global whitelist the site with the issue I will open a SR
Web Gateway: ERROR: 502 Bad Gateway when accessing Web Application
Corporate KnowledgeBase ID: KB68039 Last Modified: January 29, 2010
SummaryWeb Gateway sends back an HTTP 502 response to the client when there are problems communicating with the web server.
ProblemWhen a client tries to access a specific web server, Web Gateway replies with a HTTP 502, Bad Gateway error. An error message displays in the Web Browser. Whitelisting or adding an entry to the ICAP Bypass list do not solve the issue.
CauseThis is usually caused by a web server sending a response to the client which is not RFC compliant. A common example are web servers which (due to dynamic content) send two different content-length headers. This is not RFC compliant and may cause a security impact, therefore you see the HTTP 502 error as a response.
Verify the problem by looking at the HTTP response sent from the web server to Web Gateway. Use Connection Tracing or run a tcpdump on the Web Gateway interface that points to the internet to analyze the traffic.
To change the behavior and have Web Gateway accept the response, edit the global.conf file using the following:
IMPORTANT: This may be a security threat. Apply changes to the global.conf file only if you have already done so in the past and know the procedure. If you are unsure, contact Support.
If making the change does not help, the response from the web server may be broken in another way. Open a case with Support to get additional insight and an explanation for the issue.
1 of 1 people found this helpful
I was with a customer who had the same error message for a web site. It turns out there was a Network Intrusion Prevention sensor (NIPs) inline that was blocking the responses from the server due to an exploit signature triggering a blocking action on the NIPs. Once we excluded the site from the signature we no longer had the bad gateway message HTTP 502, and the web site was displayed. The next step would be to alert both the technical support team of the NIPs about the triggered response, and notify the web developer of the web site they may have some suspicious or malicious looking code on their web site.
I open a SR and for now the solution was flush the cache under configuration>right click MWG app name and click flush cache..................
I will monitor all to see if this is the cause of my issue
I have the same problems and follow KBKB68039 to edit global.conf but i don't know location global.conf. Please tell me location file. McAfee Web Gateway 7.2 Thanks!
Thanks Jon but i want to try solution in KB68039 and see the problems can solved. Could you tell me which place global.conf located?
What makes you think it is related to the problem outlined in KB68039? That KB was written for MWG 6 which is very different from MWG 7. The issue is also a very specific issue, I have only ever seen the issue when a user is generating some large PDF reports.
If you want to do what is outlined in that KB, then you will need to create a rule like:
Criteria: URL.Host matches problemdomain.com
Event: Enable Proxy Control <Handle Dual Content Length>
Where "Handle Dual Content Length" is a settings container where you changed an option for dual content length headers.