search cancel

Microsoft Edge fails to connect with Endpoint Protection Web Security Service Integration enabled

book

Article ID: 173840

calendar_today

Updated On:

Products

Endpoint Protection Web Security Service - WSS

Issue/Introduction

Microsoft's Edge browser fails to connect on Windows 8 and newer computers when the Symantec Endpoint Protection (SEP) client is configured to use Web Security Service (WSS) Traffic Redirection (WTR).

Cause

The SEP client's WTR functionality configures the client to send all Web traffic on port 443, and 80 to a local proxy service listening on port 2968. This traffic is then forwarded to the WSS infrastructure.

Edge runs as a Windows modern app different from IE and thus it is has network isolation by default for security reasons.
 

Environment

Microsoft Windows
Edge browser

Resolution

Create an exemption to allow the Work or school account​ Windows App to connect to localhost.

  1. Close any open instances of the Edge browser, and error messages related to the browser.
  2. Issue the following command from an elevated command-prompt:
    Build 10158, and newer: CheckNetIsolation.exe LoopbackExempt -a -n=Microsoft.MicrosoftEdge_8wekyb3d8bbwe
    Previous builds: CheckNetIsolation LoopbackExempt -a -n=Microsoft.Windows.Spartan_cw5n1h2txyewy
  3. ​Confirm the application exemption applied correctly:
    1. ​Issue the following command from an elevated command-prompt:
      checknetisolation.exe LoopbackExempt -s​
    2. The list of exempted applications will include the following on a successful attempt:
      Build 10158 and newer:
      Name: Microsoft.MicrosoftEdge_8wekyb3d8bbwe
      SID:  S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194

      Previous builds:
      Name: Microsoft.Windows.Spartan_cw5n1h2txyewy
      SID:  S-1-15-2-3940530315-3680572922-3580967311-3604442549-2808734947-326342994-2786341419
  4. Restart the Edge browser and confirm you are able to open and connect to the Microsoft Store

Attachments

Set Windows Store app exemption v5.dat get_app