Network Traffic Redirection Failed to Authenticate


Article ID: 224497


Products

Web Security Service - WSS

Issue/Introduction

Some clients running the SEP/SES agent show the following SEP NTR status:

"Network Traffic Redirection Failed to Authenticate. Wait while the client tries to reconnect"

- There is no internet connectivity

- PAC file mode / redirect

- Disabling and re-enabling NTR does not help; the Symantec Endpoint Protection Local Proxy service is running

Cause

The request for https://client-id.wss.symantec.com:443/sso was being sent directly. It needs to be sent to WSS, or authentication will fail.

The customer had bypassed the IP behind the hostname by adding it to the 'Bypassed Traffic' section in the WSS portal, so SEP WTR was trying to route the request directly.

Resolution

Ensure that neither the hostname client-id.wss.symantec.com nor the IP 34.117.186.24 is bypassed from WSS.

Seamless identification is the process of identifying the endpoint organization and negotiating a session key to encrypt an authorization token for each request sent to WSS. This process is done seamlessly between the agent and the secure gateway handling the web traffic over the WSS ingress data path. As such, you need to ensure that the client-id URL is not bypassing WSS.

| URL | IP | Port(s) | Purpose |
| --- | --- | --- | --- |
| client-id.wss.symantec.com/sso | 34.117.186.24 | 443 | Seamless Identification |
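
The following is an added example, not part of the original article or any vendor tooling, that checks a bypass list for entries that would cover the client-id endpoint. It assumes the 'Bypassed Traffic' entries have been copied out as plain strings (IPs, CIDR ranges, domains or wildcard domains) and that a domain entry also covers its subdomains; the function names and the sample list are constructed for illustration.

```python
import ipaddress

# Hostname and IP taken from the table above.
CLIENT_ID_HOST = "client-id.wss.symantec.com"
CLIENT_ID_IP = ipaddress.ip_address("34.117.186.24")


def entry_covers_client_id(entry: str) -> bool:
    """Return True if one bypass entry would match the client-id host or IP."""
    e = entry.strip().lower().rstrip(".")
    if not e:
        return False
    # IP or CIDR entry: does the range contain the client-id IP?
    try:
        return CLIENT_ID_IP in ipaddress.ip_network(e, strict=False)
    except ValueError:
        pass  # not an IP or CIDR, treat it as a domain entry
    # Domain entry: drop a leading wildcard, then match the host itself or
    # any parent domain (assumption: a domain bypass includes subdomains).
    domain = e[2:] if e.startswith("*.") else e.lstrip(".")
    return CLIENT_ID_HOST == domain or CLIENT_ID_HOST.endswith("." + domain)


def find_conflicts(bypass_entries):
    """Return the bypass entries that would send client-id traffic direct."""
    return [e.strip() for e in bypass_entries if entry_covers_client_id(e)]


# Constructed sample bypass list, not taken from any real tenant.
SAMPLE_BYPASS = [
    "10.0.0.0/8",
    "intranet.example.com",
    "34.117.186.24",
    "34.117.0.0/16",
    "*.symantec.com",
    "wss.symantec.com",
]

if __name__ == "__main__":
    for hit in find_conflicts(SAMPLE_BYPASS):
        print(f"remove or narrow bypass entry: {hit}")
```

Broad CIDR ranges and parent-domain entries are flagged as well as exact matches, since either would route the /sso request around WSS.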

Additional Information

Best practices for Endpoint Protection and Web Security Services integration

How to collect Verbose WPP logs for Endpoint Protection with the SymDiag Utility
