Customer is working with two separate WSS tenants (One for customers own business and one of their client).
Users running SEP WTR agents in PAC file mode
One user (user A) is working from home accessing WSS from his home IP address and seeing traffic intercepted going to certain sites e.g. telegraaf.nl
Admin user (user B) also working from home with different private IP address and not seeing the traffic intercepted
Site like telegraaf.nl and whatsmyiopadress.com for User B are not intercepted and seem to be excluded / bypassed from proxy and TLS interception. These are not bypassed domains on the tenant.
Every web site that suffers from this issue has a Cloudflare certificate assigned.
The roaming SEP users (user B) IP address is defined as an explicit location IP address for another tenant
Windows based users running SEP WTR
WSS managed by Portal
Remove the Explicit IP address from the other tenant to avoid any conflict