Access Denied error when connecting via a proxy server in Kaspersky Security 9.x for Microsoft Exchange Servers
This article concerns:
- Kaspersky Security 9.6 for Microsoft Exchange Servers Maintenance Release 6 (version 9.6.96.0)
- Kaspersky Security 9.5 for Microsoft Exchange Servers Maintenance Release 5 (version 9.5.153.0)
Issue
If the HTTPS scan option is enabled on the proxy server, requests generated by Kaspersky Security 9.x for Microsoft Exchange Servers will be blocked.
In this case, the application logs the following message: Error AntispamEngine: tpprov [ConnectionTmpl.h:133] eka::SystemException caught: .\src\ProxyAuthorizationUtil.cpp(178) SystemException - basic auth failed. http ret code:407: 0x80000045 (Access denied).
Cause
The Kaspersky Security Network service and the Enforced Anti-Spam Update Service use port 443 for connecting to external Kaspersky servers. This port may be unavailable.
Solution
To ensure the correct work of the services of Kaspersky Security 9.x for Microsoft Exchange Servers, create a special allowing rule or disable the HTTPS traffic scan.
To disable the HTTP traffic scan on Forefront Threat Management Gateway (Forefront TMG), follow these steps:
- Open the Forefront TMG management console.
- In the management console, select Web Access Policy server node.
- On the Tasks tab, select Configure HTTPS inspection.
- Go to the General tab and clear the Enable HTTPS inspection checkbox.
- Click OK.
- Click Apply in the Forefront TMG management console.
The HTTPS traffic scan will be disabled.