WSS Agent cause Microsoft Direct access disconnections
Article ID: 207070
Updated On:
Products
Issue/Introduction
During the primary tests for migrating Unified agent(UA) users to WSS agent(WSSA), it was noticed that the VPN connection to Microsoft Direct access servers on IPv6 became unstable when using WSSA.
All worked well in the same setup using Unified Agent.
When problem occurs, connection establishment to Microsoft Direct Access server take more than 10 minutes to complete when successful, and the connection keep disconnecting.
Environment
Impacted WSSA versions: 6x and 7.x
Resolution
Temporary workaround is to install WSS agent v 5.1.1, which should end of support on 7/28/2021.
Additional Information
WSSA version 5.1.1 has some known issues that were fixed on the following releases.
Below the top 5 well known issues on version 5.1.1 with their proposed workarounds:
- Uninstall WSS Agent v 5.1.1 does not prompt for uninstall token on Windows 10 1903
- Workaround: is to uninstall from command line if you are using an uninstall token
- Not applicable to UA (Unified Agent always requires the uninstall token to be provided on command line)
- Workaround: is to uninstall from command line if you are using an uninstall token
- WSS Agent notifier hanging when diagnostics logs are large
- Workaround: is to delete the large diagnostic log from C:\ProgramData\Symantec WSS Agent\wss-agent-*.log
- Agent still continues to function - only the UI component gets frozen
- Component eventually will load
- Workaround: is to delete the large diagnostic log from C:\ProgramData\Symantec WSS Agent\wss-agent-*.log
- Domain Bypass is case-sensitive
- Workaround: is to ensure all domain bypasses are entered lower-case in the portal.
- Issue also exists in UA
- Workaround: is to ensure all domain bypasses are entered lower-case in the portal.
- QUIC not blocked after initial install
- Workaround: is to reboot once after installing windows if you are blocking QUIC/HTTP3 in the portal
- Issue also exists in Unified Agent, but in UA a reboot is required after install.
- If you are not blocking QUIC/HTTP3 in the portal, then this issue does not occur.
- Workaround: is to reboot once after installing windows if you are blocking QUIC/HTTP3 in the portal
- Need to click "Reconnect" twice to switch from passive network
- Workaround: is to manually click "Reconnect" if network location detection is incorrect
- This is an infrequently-occurring timing issue which also exists in UA
- Workaround: is to manually click "Reconnect" if network location detection is incorrect
For more information about WSSA version that follows version 5.1.1, you may refer to WSSA Release Notes.
Feedback
