There are many reasons a Network Error (tcp_error) is returned from the ProxySG. Below are several examples that Blue Coat Technical Support has encountered.
For a new implementation or topology change, the IP gateway may be misconfigured, there may be a Layer 2 / 3 loop on the network, asymmetric routing or something upstream is not passing the proxy's traffic to the Internet.
Consult your Blue Coat Sales Engineer or Reseller if this is a new implementation or any topology change that affects traffic flow to or from the ProxySG.
If the problem occurs with a specific URL/destination, it may be due to one of the following:
- 3-way TCP handshake fails between the Proxy and the origin content server (OCS)
- A reset (RST) packet coming from upstream towards the proxy on a specific tcp session
- Something upstream is not passing the proxy's traffic out to the Internet
- Layer 2 / 3 loop on the network for a specific URL/destination
Please obtain a packet capture when the problem occurs. It is very important to see what is happening on the wire. You can take packet capture from the proxy by going to the URL below:
A packet capture taken from a ProxySG can be viewed by Wireshark (wireshark.org).