search cancel

SEP WTR traffic not protected by WSS


Article ID: 223925


Updated On:


Web Security Service - WSS


Users accessing WSS services via SEP WTR access method

Users being able to access pages they should not have access to

User traffic going straight to OCS sites and not via WSS

Users can access to download PAC file yet traffic is going direct



Invalid PAC file downloaded to the client


Windows workstation running SEP WTR agents


Removed a function referenced in the PAC file that did not exist.

The following line existed that was not defined anywhere in the file, which the SEP WTR client was tripping up on. Because the PAC file was not cleanly processed, the SEP WTR client would fail open.

if(WSSLocalBypass(url, host)) return "DIRECT";



Additional Information

The SEP WTR rehydrated logs would include the following message indicating an issue processing PAC file, and that we switched to going direct to Web site.


[08/19/2021-13:31:39.403] LPS : 149c : 0670 : TRACE_DEBUG : TRACE_LEVEL_ERROR : connection::determine_target_host : connection_cpp744 :Could not find proxy for URL: Pac file not available/malformed (80072F86). Forcing direct and requesting full pac download. Connection id: 27.