Unable to load intranet sites on browsers when WSS Agent enabled


Article ID: 206546


Updated On:


Web Security Service - WSS


Users accessing Web Security Services (WSS) via WSS agent (WSSA)

  • External / Public sites all render without issues
  • Internal / Intranet sites sometimes cannot be opened via browser (Chrome mostly but some users reporting IE/Edge too)
  • Problem seems to occur from one location - other locations with same workstation image not seeing issue
  • Main difference with this site is that there are onPrem proxies with IP addresses that should be bypassed from WSS


Proxy avoidance checks on agent sending local traffic into WSS



WSSA agent 7.1.1/7.2.1 impacted


Add the onPrem proxy IP addresses to the WSS bypass list to avoid any proxy avoidance checks

Additional Information

PCAPs from host confirmed that CTC traffic was being sent to the internal proxy as expected

PCAPs referenced one request to from the workstation - this is the WSS transProxy IP address only used with IPSEC (but also with proxy avoidance on WSSA)