I have issue about cannot access https website. Client connect to Forward Proxy type Explicit.
http can access normal but https cannot access when i have to checked access logging and Trace policy maybe this issue concern about Authentication mode
Customer use Radius authen and select mode is origin-cookies redirect.
since implement never have problem about access https just today start to cannot access https i try to chage authen mode to Proxy IP it back to normal can access https website
but cannot use this mode they have virtual url to redirect. they have many branch and configuration other branch it same i have check already.
only this site cannot access https website. please recommend how can i resolve this issue
i upload access logging , policy trace and sysinfo please see from attach files.
They are trying to use redirect based authentication on explicit proxy which will not work for the CONNECT requests as it won't take redirect as a response. Once the SSL Interception is through, they a redirect based auth will work. The error in policy trace is clear on this
EXCEPTION(configuration_error): Authentication failed because of a configuration problem
Last Error: Cannot use origin-redirect or form-redirect for CONNECT method (explicit proxy of https URL)
If they are in need of such redirect based auth, they will have to make sure that the first request is HTTP and use a surrogate based auth mode like "Origin-IP-Redirect" to get it authenticated once during the surrogate refresh time.
The issue only happens when the first request is HTTPS Connect and proxy can't redirect it for authentication. Taking policy trace could give away the reason on why it is not happening on other branchs.
Thank you so much on this KB.
but i don't understand other branch don't find this issue normal to acceess https website . This issue happen only this site.
configuration this site and other site it same. change only IP address.
Can you recommend more information to check it ?