Microsoft KB Archive/914448

= Error message when Web browser clients that are located behind an ISA Server 2004 firewall try to access certain external Web sites: &quot;502 Proxy Error&quot; =

Article ID: 914448

Article Last Modified on 12/4/2007

-

APPLIES TO


 * Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition
 * Microsoft Internet Security and Acceleration Server 2004 Standard Edition
 * Microsoft Internet Security and Acceleration Server 2004 Service Pack 1
 * Microsoft Internet Security and Acceleration Server 2004 Standard Edition Service Pack 2

-





SYMPTOMS
When Web browser clients that are located behind a Microsoft Internet Security and Acceleration (ISA) Server 2004 computer try to access certain external Web sites, these clients receive an error message that resembles the following:

Error Code: 502 Proxy Error. The ISA Server denies the specified URL.



CAUSE
This problem occurs when the following conditions are true:
 * You have created an access rule, and you have specified a content type for this access rule.
 * HTTP caching is enabled on the ISA Server computer.
 * ISA Server receives multiple responses from a single request.

In this scenario, a Web server receives a request. In its original response to this request, the Web server sends some of the content together with a Vary header. The Web server then sends the remaining content in additional HTTP responses that include different HTTP cache directive and content-type headers for each response.

This problem occurs because ISA Server 2004 does not correctly process the different cache-directive and content-type headers in the multiple responses that stem from the single request.

HTTP headers are discussed in RFC 2616. For more information about RFC 2616, visit the following Network Working Group Web site:

http://www.faqs.org/rfcs/rfc2616.html



Service pack information
To resolve this problem, obtain the latest service pack for Windows Server 2003. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

889100 How to obtain the latest service pack for Windows Server 2003

Hotfix Information
A supported hotfix is now available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next service pack that contains this hotfix.

To resolve this problem, submit a request to Microsoft Online Customer Services to obtain the hotfix. To submit an online request to obtain the hotfix, visit the following Microsoft Web site:

http://go.microsoft.com/?linkid=6294451

Note If additional issues occur or any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. To create a separate service request, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=support

Prerequisites
You must install ISA Server 2004 Service Pack 2 before you install this fix.

Restart Requirement
You do not have to restart your computer after you apply this hotfix.

Hotfix Replacement Information
This hotfix does not replace any other hotfixes.

File Information
The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

ISA Server 2004, Standard Edition


WORKAROUND
To work around this problem, use one of the following methods.

Method 1
Disable HTTP caching on the ISA Server 2004 computer. To do this, follow these steps:
 * 1) Click Start, point to Programs, point to Microsoft ISA Server, and then click ISA Server Management.
 * 2) In the ISA Server console, expand the server in question, expand Configuration, and then click Cache.
 * 3) In the Details pane, click the Cache Drives tab
 * 4) On the Tasks tab, click Disable caching.

Notes
 * The Disable caching option is unavailable if caching is disabled.
 * The steps that are described in Method 1 apply to ISA Server 2004 Enterprise Edition. See ISA Server Help for more information about how to disable HTTP caching in ISA Server 2004 Standard Edition.

Method 2
Create an HTTP cache rule to prevent caching on the specific destination that causes the problem. For more information about how to create a HTTP cache rule, see the ISA Server 2004 Help documentation.

Method 3
Modify the access rule that is configured for a particular content type. Apply the access rule for all content types. To do this, follow these steps:
 * 1) Click Start, point to Programs, point to Microsoft ISA Server, and then click ISA Server Management.
 * 2) In the ISA console, expand the server in question, and then click Firewall Policy (FWP).
 * 3) Double-click the access rule that is configured for a specified content type.
 * 4) Click the Content Types tab, click All content types under This rule applies to, and then click OK.



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the &quot;Applies to&quot; section.



MORE INFORMATION
For more information about the description of the terminology that is used to describe Microsoft software updates, click the following article number to view the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

Additional query words: 12202, Cache

Keywords: kbbug kbfix kbqfe kbpubtypekc kbhotfixserver kbwinserv2003sp2fix KB914448

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.