Error “502 proxy error, the request is not supported (50)” while trying to access websites from web proxy clients behind ISA Server 2006

Consider a scenario where users who are part of the internal network of the ISA server and have configured their machines as web proxy clients. When those users are trying to go to certain websites they get error "502 proxy error, the request is not supported (50)" message and they are not able to view the page.

Data collection to resolve the issue

In order to troubleshoot this type of issue, we need to run ISA data packager in repro mode using the Web Proxy and Web Publishing template. The goal is to gather data while the client workstation is having this problem.

Data analysis

In the ISA Logs collected with ISA data packager we see failed connection attempt with result code as 50 as highlighted below (copying only the most relevant part of the log with action and result code).






In the network traces taken on the external NIC of the ISA server we can see that the http get request is going out as follows with all the headers and their corresponding values in the request sent.


We need to compare the response that the web server sent for this request which is as follows:


In the response, we can see all the headers and their corresponding values; the important header field that was missing in the request sent by the ISA server was “ContentEncoding” which is present in the web server response with value “gzip”. By default ISA server would send this header with values as gzip and deflate but in this case it is not sending that. To find out why ISA server is not sending this header information in the request we need to analyze the BPA report.

ISABPA -> add-ins section -compression filter and verify if compression filter is disabled. Following is the output from the ISABPA when it’s disabled:

Compression Filter
    Name    =Compression Filter
    Version    =4.0
    Vendor    =Microsoft (R) Corporation
    Description    =Enables HTTP/HTTPS compression
Enable this filter    =False
    Direction    =fpcFilterDirectionBoth
    Order    =4
    Relative Path    =comphp.dll
    Priority    =fpcFilterPriority_High
    Vendor Parameters Sets    =
    PersistentName    ={8EA49FDD-FFDC-4190-8A66-724BB0342F9F}
    Guid    ={8EA49FDD-FFDC-4190-8A66-724BB0342F9F}



In such a scenario where compression filter is disabled and web server in its responses send contentencoding http header or sends the compressed response, ISA server would block that response with result code as “The request is not supported(50)” and the end user would get 502 proxy error. To resolve this we need to enable the compression filter.



Suraj Singh

Support Engineer

Microsoft CSS Forefront Security Edge Team

Technical Reviewer

Yuri Diogenes

Sr Support Escalation Engineer

Microsoft CSS Forefront Security Edge Team

Comments (3)

  1. Anonymous says:

    as mentioned in this article use ISA data packager(…/using-isabpa-for-proactive-and-reactive-work-with-isa-server-part-2-of-2.aspx)
    in repro mode(using web proxy template) while doing repro of the issue and look at the ISA Logs(filter by this URL with which you have issue) and then network traces and filter with this hostname and check the getrequest  frame  and the http headers in the
    request and http header in the response.  comparison of headers might give you insight about the problem you are facing..

  2. Anonymous says:

    Suraj, could you tell me how did you get the web server response? Is it from ISA BPA records too?


  3. Diego says:

    My isa server 2006’s with the compression filter enabled and still access this site when this error occurs