search cancel

WSS Agent Client blocks enterprise VPN connection


Article ID: 169389


Updated On:


Web Security Service - WSS


The WSS Agent(WSSA) is enabled and connected to the Symantec Web Security Service (WSS). With this configuration all web traffic on ports 80 and 443 are tunnelled through WSSA to the WSS data center. This configuration means that third-party VPN software (for example Cisco AnyConnect or Pulse Secure) for enterprise traffic is also tunnelled.


For the third-party VPN software to connect, add its VPN concentrator IP address or addresses into the Bypass list on the portal.

Go to Connectivity > Bypassed Traffic

Note! Your VPN software must be set to use Split mode VPN tunneling.

For tunnel flapping issues see: WSS Agent turns on and off constantly when using multiple VPN clients