search cancel

VPN and WSS Agent connection flapping issues

book

Article ID: 170916

calendar_today

Updated On:

Products

Web Security Service - WSS

Issue/Introduction

You are using WSS Agent with clients running an IPSec VPN connection.

As a result the WSS Agent and IPsec VPN are "competing" for connectivity which in certain cases results in service interruption (tunnel flapping).

Cause

WSS Agent and your VPN are competing for connection; causing conflict or tunnel flapping.

 

Environment

WSS Agent, client computer is setup with VPN / IPSec software.

Resolution

Adding the VPN IP into the Portal:

Select  "WSS Portal > Connectivity > Bypassed Traffic> Bypassed Domains"

After applying this setting anytime you connect to the VPN it will go directly out to the internet; therefore there is no risk. 

You do not want to send your VPN connection through our service because we cannot see that encrypted tunnel and there is no value added having the network flow routed via WSS.

See KB article 169389 for more information.