The WSS Agent(WSSA) is enabled and connected to the Symantec Web Security Service (WSS). With this configuration all web traffic on ports 80 and 443 are tunneled through WSSA to the WSS data center. This configuration means that third-party VPN software (Example: AnyConnect or PulseSecure) for enterprise traffic is also tunneled.
For the third-party VPN software to connect, add its VPN concentrator IP address or addresses into the Bypass list on the portal.
NOTE: Your VPN software must be set to use Split mode VPN tunneling.
For tunnel flapping issues see: WSS Agent turns on and off constantly when using multiple VPN clients