Users get connection errors when launching a Java applet from websites with specific applications. This happens with HTTPS traffic in explicit proxy deployments.
If you run a packet capture on the ProxySG appliance, you observe that part of the application is loading processes after logging in and opens a connection, as in the following example (where the destination IP address is 188.8.131.52):
The previous example shows that the application is opening an SSL connection but then sends an HTTP CONNECT request over it. When the proxy's port 443 service uses SSL proxy it resets the connection because the CONNECT request is an SSL protocol violation. If you change the SSL service to TCP-Tunnel the application loads correctly.
Create a TCP tunnel service for the destination IP.