Problem accessing on the ProxySG appliance

<< Back to Knowledge Search


Overview installs an applet on the workstation. When the ProxySG appliance is enabled, the applet will prompt the user to enter credentials. If authentication fails, the application will attempt to connect to other ports, but the firewall will generally reject those connections.



Remove the software (via the Control Panel) and start over after the following Content Policy Language (CPL) has been added to the local policy file.

  1. Go to Management Console > Configuration > Policy > Policy Files > Policy Files Tab
  2. Select the drop-down option for Install Local File from
  3. Select Text Editor and then click Install
  4. Copy & paste the following text, then click Install

;  Bypass whitelist data center IP addresses
;  - updated 26th Apr 2012
;define the condition                    
define condition salesforce_com_data_center


;apply the action
<Proxy salesforce_com_data_center > condition= salesforce_com_data_center
     client.protocol=ssl detect_protocol(no) authenticate(no) ALLOW

     http.method=CONNECT detect_protocol(no) authenticate(no) ALLOW


NOTE: The above CPL is written based on Salesforce knowledge base information. Since it is IP based, it will probably require adjusting in the future.


Additional Information

Starting in June 2016, Salesforce will begin disabling the TLS 1.0 encryption protocol in a phased approach across impacted Salesforce services. Make sure client browser support TLS 1.0 above(TLS.1.1 and 1.2).

For testing purpose you may use this site :
More details on Salesforce TLS 1.0 Disablement :

Bug Number
InQuira Doc IdKB5106

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      06/29/2016
Last Published      06/29/2016
Article Audience
Product      ProxySG
Software      SGOS 5, SGOS 6
Topic      Authentication, SSL / HTTPS
Article Number      000012814
Summary      Common problem on accessing
Was this helpful?
Previous MonthNext Month