Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
8541
Views
0
Helpful
5
Replies

Ironport WSA S170 Gateway Timeout Problem

M.Jallad
Level 1
Level 1

‎05-16-2013 03:09 AM

Hi Guys,      

We are having problem on WSA S170 Appliance when trying to access some websites; the user receives a page indicating a gateway timeout issue. when reading the accesslogs on WSA it shows that these URLs return an HTTP 504 error code.

The Ironport deployment mode is proxy and it is protected with two firewalls; However, there is no blocking on both firewalls and we trace the connections to internet and it is passing without blocking throught the firewalls.

I was suspecting a DNS issue; so when trying to do nslookup on WSA it returns the public ip address correctly for this site.  then when trying to telnet to this public ip it returns:

"

telnet: connect to address 69.162.95.210: Connection refused

telnet: Unable to connect to remote host

"

So please share your knowledge with us if anyone knows about this issue.    

1 person had this problem
Labels:
0 Helpful
5 Replies 5

Puja Mahapatra
Cisco Employee
Cisco Employee

‎05-17-2013 10:01 AM

Hello,

Please refer to the article below which explains why might you see a 504 gateway timeout.

https://ironport.custhelp.com/app/answers/detail/a_id/1516

Typically in most cases the the gateway time out is due to an upstream device not responding to SYN packets sent by the WSA. For further assistance kindly open a TAC case.

Regards,

Puja

0 Helpful

M.Jallad
Level 1
Level 1
In response to Puja Mahapatra

‎05-17-2013 12:21 PM

Hi Puja,

Puja Mahapatra wrote:
Hello,
Please refer to the article below which explains why might you see a 504 gateway timeout.
https://ironport.custhelp.com/app/answers/detail/a_id/1516

i've checked the link there are no articles,

Two notes :

1. This problem happens on small number of websites other websites are normally proxied through WSA.

2. When trying to access the same problematic websites directly (without proxy) ; it opens without any issues.

Thanks,

0 Helpful

Puja Mahapatra
Cisco Employee
Cisco Employee
In response to M.Jallad

‎05-17-2013 12:30 PM

I apogilize, can you kindly try this link :

http://tools.cisco.com/squish/26661

A packet capture on the WSA can confirm where the 504 is coming from. Kindly open a support case to get further assistance.

Regards,

Puja

0 Helpful

M.Jallad
Level 1
Level 1
In response to Puja Mahapatra

‎05-17-2013 12:47 PM

Hi Puja ,

Aha this one i followed step by step and it was confirmed that it is 504 only not 502. however , i've just done a seocnd quick look at it again and found that i skipped checking "WSA's L4 Traffic monitoring" part under

  504: The WSA is receiving a TCP reset (RST) terminating the connection with the web server.

but i checked all other troubleshooting steps regarding Firewalls, IPS's upstream devices.

So will check it again in a couple of days and will get back to you with my updates

Thanks,

0 Helpful

valvarados1
Level 1
Level 1
In response to M.Jallad

‎10-21-2017 09:29 AM

Hi Dear,

Please have update of case. The have problems.

 

Regards,

Victor Alvarado

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents