3 Replies Latest reply on Feb 25, 2016 6:32 AM by kitanaka

    Web Gateway as ICAP server : 403 CannotLoadAV

    kitanaka

      Hi,

       

      I have got demo license and installed Web Gateway 7.5.2.5.0.

       

      - Did initial setup

      - Configuration -> Appliances -> Proxies : Enabled ICAP server

      - Verified port 1433 is listening.

      - Policy -> Settings -> Engines -> ICAP Client : Set ReqMod for List of ICAP Server.

       

      Then, sending ICAP request from a proxy to the Web Gateway, I see below messages.

      Web Gateway respond with 403 CannotLoadAV and so the client RST the connection.

      I feel I am missing some configuration on WG and did research on documents but end up asking here.

       

      Not sure if this is related, in Dashboard my WG is getting errors "Unable to connect to or receive from any update server (Origin Updater, ID: 305, n times within last n minutes)".

       

      REQMOD icap://xxx.xxx.xxx.xxx:1344/reqmod ICAP/1.0

      Host: xxx.xxx.xxx.xxx:1344

      Date: Mon 22 Feb 2016 07:03:23 GMT

      Allow: 204

      Connection: keep-alive

      X-Client-IP: 10.10.160.252

      Encapsulated: req-hdr=0, req-body=199

       

      POST / HTTP/1.1

      Host: 10.10.160.100

      Accept: */*

      User-Agent: IE

      Content-Length: 1224

      Expect: 100-continue

      Content-Type: multipart/form-data; boundary=----------------------------e518c939a970

       

      4c8

      ------------------------------e518c939a970

      Content-Disposition: form-data; name="test"; filename="tempfile"

      Content-Type: application/octet-stream

       

      ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................................ ................................................................

      ------------------------------e518c939a970--

       

      0

       

      ICAP/1.0 200 OK

      ISTag: "00000000-00000000-00000000"

      Encapsulated: res-hdr=0, res-body=161

       

      HTTP/1.1 403 CannotLoadAV

      Via: 1.1 xxx.xxx.xxx.xxx (McAfee Web Gateway 7.5.2.5.0.20828)

      Content-Type: text/html

      Cache-Control: no-cache

      Content-Length: 2698


      <snip>

       

       

      Best regards,

      Kimi.