Problem
Files are not analyzed by the DLP engine, and the dlp logfile shows response code: 500
The following error messages appear in the log:
Cannot connect to ICAP server: <server_IP_address>:1344 for message id=11360750.203942046 com.syncplicity.dlp.icap.Icap CantConnectException: Cannot connect to ICAP server: <ICAP_server_IP>:1344
Note: <server_IP_address> is a placeholder for the actual IP address.
Cause
The DLP Connector cannot communicate with the ICAP server of the DLP Engine.
Solution
/etc/syncp-das/syncp-das.ymlSee section Configure DLP Settings on page Install and configure the DLP/AV Connector.- Check the
/etc/syncp-das/syncp-das.ymlfile and correct the DLP connector ICAP URL - Verify that the ICAP server for the DLP engine is running and that the internal firewall rules are not blocking traffic between the DLP Connector and the ICAP server.
- Troubleshoot the connectivity with the DLP Engine by using the
/bin/syncp-das-audittool to send directly files for classification from the DLP Connector. Sample commands:syncp-das-audit -u icap://<ICAP_server_IP>:1344/REQMOD -reqMod /tmp/s.conf
syncp-das-audit -u icap://<ICAP_server_IP>:1344/REQMOD -reqMod /usr/bin/syncp-das-audit
syncp-das-audit -u icap://<ICAP_server_IP>:1344 -reqMod ./syncp-das-audit