WBSN - Block Page: Failed to initialize remote file descriptor

Block Page: Failed to initialize remote file descriptor

Article Number: 000006428
Products: Web Security Gateway Anywhere
Versions: 7.7

Problem Description

Why am I receiving the following message when attempting to access a HTTPS site?
Cannot connect to XYZ.com, Failed to initialize remote file descriptor
  • User-added image


This message may result from any of several different factors; however, is the typically problem is network traffic being blocked upstream via a firewall or ACLs. 
To check if an upstream device is altering network traffic, collect packet captures. Concurrently, run Wireshark on a client machine and run a TCPDump on the Content Gateway.  Examine the packet captures. Look for multiple SYN packets and an inbound HTTP RST from the origin server IP. For example: 
Request to  https://secure.logmein.com which resolved to  
Checking firewall log displays an access block to the origin server IP from an ACL:
$ tail -f ipflog | grep
Nov 20 09:33:25 confw02 Nov 20 2012 09:33:25 CONFW02 : %ASA-6-106100: access-lis t inside-access-in denied tcp inside/ -> outside/ 3(443) hit-cnt 1 first hit [0x36b6e3b2, 0x2397f267]

After you identified an upstream device responsible for blocking network traffic, take corrective actions to ensure the traffic is no longer altered.

Notes & Warnings

This block page has been seen to appear with Intrusion prevention systems (IPS), located upstream of Websense Content Gateway (WCG).
¿Tiene más preguntas? Enviar una solicitud

0 Comentarios

Inicie sesión para dejar un comentario.
Tecnología de Zendesk