Users running SEP WTR agent seeing traffic to certain Web sites SSL intercepted when other users are not for the same site

book

Article ID: 221751

calendar_today

Updated On:

Products

Web Security Service - WSS

Issue/Introduction

Customer is working with two separate WSS tenants (One for customers own business and one of their client).

Users running SEP WTR agents in PAC file mode

One user (user A) is working from home accessing WSS from his home IP address and seeing traffic intercepted going to certain sites e.g. telegraaf.nl

Admin user (user B) also working from home with different private IP address and not seeing the traffic intercepted

Site like telegraaf.nl and whatsmyiopadress.com for User B are not intercepted and seem to be excluded / bypassed from proxy and TLS interception. These are not bypassed domains on the tenant.

Every web site that suffers from this issue has a Cloudflare certificate assigned.

Cause

The roaming SEP users (user B) IP address is defined as an explicit location IP address for another tenant

 

Environment

Windows based users running SEP WTR

WSS managed by Portal

Resolution

Remove the Explicit IP address from the other tenant to avoid any conflict