search cancel

SEP WTR Users cannot access internet via WSS

book

Article ID: 202319

calendar_today

Updated On:

Products

Web Security Service - WSS

Issue/Introduction

Users accessing internet via WSS using SEP WTR agent

Users working fine until PAC file change

After PAC file change pushed out to group of users, all users in group could not access any internet resources 

Cause

SEP WTR agent sent authentication traffic to one WSS pod, and the explicit Web requests to another.

Resolution

Apply SEP WTR update 1.1.0.473.

Additional Information

A PCAP from the workstation using Wireshark shows what is happening

- user tries to access http://www.example.com via GGBLO (148.64.26.153)

- user is asked to authenticate by sending a CONNECT request to client-id.wss.symantec.com via GGBLR (different data center - 109.68.57.164)

- user is redirected back to original URL, again going to GGBLO

 

Because of a SEP communication issue between the authentication and proxy engines, the authentication engine failed back to the last working IP address which was the one accessed prior to the PAC file change. The new SEP WTR build addresses and recovers from any communication breakdown.

Attachments