Kaspersky Security 9.x for Microsoft Exchange Servers
 
 

Access Denied error when connecting via a proxy server in Kaspersky Security 9.x for Microsoft Exchange Servers

Latest update: November 30, 2022 ID: 11629
 
 
 
 

This article concerns:

  • Kaspersky Security 9.6 for Microsoft Exchange Servers Maintenance Release 6 (version 9.6.96.0)
  • Kaspersky Security 9.5 for Microsoft Exchange Servers Maintenance Release 5 (version 9.5.153.0)
 
 
 
 

Issue

If the HTTPS scan option is enabled on the proxy server, requests generated by Kaspersky Security 9.x for Microsoft Exchange Servers will be blocked.

In this case, the application logs the following message: Error AntispamEngine: tpprov [ConnectionTmpl.h:133] eka::SystemException caught: .\src\ProxyAuthorizationUtil.cpp(178) SystemException - basic auth failed. http ret code:407: 0x80000045 (Access denied).

Cause

The Kaspersky Security Network service and the Enforced Anti-Spam Update Service use port 443 for connecting to external Kaspersky servers. This port may be unavailable.

Solution

To ensure the correct work of the services of Kaspersky Security 9.x for Microsoft Exchange Servers, create a special allowing rule or disable the HTTPS traffic scan.

To disable the HTTP traffic scan on Forefront Threat Management Gateway (Forefront TMG), follow these steps:

  1. Open the Forefront TMG management console.
  2. In the management console, select Web Access Policy server node.
  3. On the Tasks tab, select Configure HTTPS inspection.
  4. Go to the General tab and clear the Enable HTTPS inspection checkbox.
  5. Click OK.

Disabling HTTPS inspection on Forefront TMG

  1. Click Apply in the Forefront TMG management console.

The HTTPS traffic scan will be disabled.

 
 
 
 
 
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.