WSS Agent Client blocks enterprise VPN connection
search cancel

WSS Agent Client blocks enterprise VPN connection


Article ID: 169389


Updated On:


Cloud Secure Web Gateway - Cloud SWG


The WSS Agent (WSSA) is enabled and connected to the Cloud Secure Web Gateway, SWG (formerly known as WSS). With this configuration all web traffic on ports 80 and 443 are tunneled through WSSA to the Cloud SWG data center. This configuration means that third-party VPN software (for example Cisco AnyConnect or Pulse Secure) for enterprise traffic is also tunneled.


For the third-party VPN software to connect, add its VPN concentrator IP address or addresses into the Bypass list on the portal.

Go to Connectivity > Bypassed Traffic

Note! Your VPN software must be set to use Split mode VPN tunneling.

For tunnel flapping issues see: WSS Agent turns on and off constantly when using multiple VPN clients