WSS Agent is enabled when a user is off the corporate network - the agent goes to passive mode when on premise.

WSS policy setup to block block certain categories including Chat/SMS.

We want to bypass slack from WSS so that Reach agent and CASB will apply the controls for slack.

We added several slack URLs including slack.com in bypass domains section of WSS. However, WSS is still intercepting the slack traffic and we are getting blocked page when we go to slack.com. 

WSSA running on client workstation

Reach agent also running on client workstation

Reach Agent is configured to Proxy requests for Slack Application into CASB gateway

Slack domains are all bypassed from WSS

Bypass the Reach Agent gateway (gw.elastica.net) from the WSS configuration

WSSA did successfully bypass the Slack domains and forward the data into the reach agent. However, the reach agent was configured to proxy requests into the CASB gateway, which was not bypassed from WSS. Adding gw.elastica.net to the WSS bypass list fixed the issue.