Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here

Skyhigh Security

Connectivity and Redirection Issues

If you are having SCP connectivity and redirection issues, review the following common causes and solutions. 

DNS Lookup Failure

Use the display filter dns contains cloud in the packet analysis to find the error No such name or other.

dns_lookup_failure.png

TCP Handshake Failure

A TCP handshake failure can be a block in the network, on the firewall, or on the ISP.

I can be like a needle in a haystack to find a specific connection where SYN packets without an ACK, or RST packets responded on SYN.

To find the relevant stream, you can get the cloud IP address from DNS queries, and then filter for that IP address using the display filter ip.addr eq <cloud IP>. Then search for any repeating SYN packets, right-click, and follow the TCP stream.

tcp_handshake_failure.png

If you identify the connection, check for any other network device is blocking it. 

Internet Availability Check Fails

In case the Internet Availability Check (GET http://mcp.webwasher.com/test/MCP.txt) or the Captive Portal Check fails (via proxy: GET http://mcp.webwasher.com/test/MCP.txt), then follow these steps to find the relevant stream:

Use display filter: http.request and http contains webwasher

internect_check_failure.png

These requests must reach the internet. If the packets are blocked, check the network for blockages.

Skyhigh Public IP Blocked by Website Host

While accessing an HTTP website, if a user receives the Skyhigh block page with the following errors because client context is not yet done: 

  • Bad Gateway
  • Could not connect to destination in time
  • 502 HTTP response code
  • browser block page

Check the HAR trace to see if the response for any request is showing the Pending status and then times out, or has an HTTP response code 502. If so, raise an SR with all relevant information. 

Policy Blocks the Request 

In an event where the bypass rules are not working or if a block rule is triggered, the HTTP response code 403 is shown in the HAR trace in the browser.

Check for details on the block page to identify the rule and adjust the policy accordingly.

  • Was this article helpful?