ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Bypassing Sites with Firewall/VPN

book

Article ID: 172523

calendar_today

Updated On:

Products

Web Security Service - WSS

Issue/Introduction

There is a need to bypass a certain site. The access method in use is Firewall/VPN.

Environment

Web Security Service

Resolution

The Bypassed Sites list in the Network tab under Services in the Web Security Service (WSS) portal does not affect traffic in the IPsec tunnels because that list gets applied via PAC file for other access methods (Unified Agent, Explicit Proxy, Proxy forwarding).

The Trusted Destinations list section can exempt traffic from policy and SSL interception. 

The Trusted Destinations is not a bypass, but simply a tunnel through the Web Security Service. Because of the nature of an IPsec tunnel, all traffic is forced to the tunnel, r
egardless of whether SSL interception is enabled.

To add traffic to the Trusted Destinations list:

  1. Log into the WSS portal.
  2. Go to Solutions > Threat Protection > Policy
  3. Click on Trusted Destinations under Group A.
  4. Click New (Select appropriate item from the dropdown list).
  5. Enter the item (URL or IP) and an optional comment.
  6. Click Add Domains/URLs or Add IP/Subnets depending on the item being added.
  7. Click Save.
  8. Click Activate.