How do I ensure that the Proxy uses my forwarding host for cache refreshing and pipelining?

Solutions ID:    KB4625
Version:    2.0
Status:    Published
Published date:    09/13/2011
Updated:    10/11/2012

Problem Description

When refreshing cache or pre-fetching requests for users, (pipelining) the ProxySG fails to make use of a forward host configuration.  In a Proxy chain deployment, this can lead to these clientless connections being sent to the default gateway rather than the upstream forward host.  This causes these clientless connections to fail, as the upstream parent proxy is required to reach the Internet

Monitoring a packet capture while this issue occurs, you will see many packets sourced at the ProxySG IP address in syn_sent state, but with no reply.

Policy tracing will only show this issue when used in a <cache> layer (or web content layer in visual policy) as it's related to requests generated by the Proxy's cache engine.


To ensure that the ProxySG uses the upstream parent proxy to reach the Internet for these clientless connections, there are several options available.

1) Create a default sequence in the forwarding section of the Management Console.
  • In the Configuration tab, go to Forwarding > Default Sequence.
  • FInd your preferred forward host in the list on the left, move it to the Selected Aliases list on the right
  • Click Apply.

2) Use policy to forward clientless connections to the appropriate Forwarding host.

Add the below rule to the local or central policy files, or in a CPL layer in the Visual Policy Manager:

       has_client=no forward.fail_open(no) forward(upstream)

*Replace (upstream) with the name of the forward host.



Rate this Page

Please take a moment to complete this form to help us better serve you.

Did this document help answer your question?
If you are finished providing feedback, please click the RATE CONTENT button. Otherwise, please add more detail in the following text box and then click RATE CONTENT.

Your response will be used to improve our document content.

Ask a Question