search cancel

Users are unable to browse the internet using explicit access methods including Proxy forwarding and SEP-WTR


Article ID: 189049


Updated On:


Cloud Secure Web Gateway - Cloud SWG


Users are unable to browse the internet via WSS when in explicit mode (explicit, proxy forwarding or SEP WTR access methods)
Users get 'page not found error'
Users get connectivity error in browser accessing traffic via WSS
Disabling explicit mode and going to internet directly works fine
Modifying workstation PAC file to point specifically at the local data center VIP (versus works fine


Firewall not allowing traffic to TCP 8080 to new GCP data center IP address referenced via


Make sure that local firewall allows TCP 8080 traffic to the IP address ranges defined in the following two KB articles

1. any of the WSS ingress IP addresses defined at and
2. any of the WSS egress and authentication networks defined at

Additional Information

With the GCP data center roleout, the IP address ranges for explicit and Unified-Agent/WSS agent may have changed. It is imperitive that corresponding firewall rules are changed to allow traffic to these new GCP IP addresses.