Limited internet connectivity message on network status icon when running WSS Agent
search cancel

Limited internet connectivity message on network status icon when running WSS Agent


Article ID: 225756


Updated On:


Cloud Secure Web Gateway - Cloud SWG


Windows 10 machine running WSS agent to access web traffic via WSS

Users reporting 'Limited internet connectivity' warning message on network status icon when running WSS agent (bottom right notification bar) seems to trigger the warning message but cannot see this traffic in WSS logs and user cannot access from browser.

WSS Agent appears to be bypassing the traffic for  


WSS agent

Windows and MacOS bypasses certain sites for network checks

Cause is always bypassed from WSS, along with certain other domains, and routing/firewall rules must allow this traffic out


Allow traffic destined for to go out directly without being blocked. In the above case, the requests were getting blocked at the edge firewall and triggering the error.

If the WSS agent users are never going to be going through a Captive Portal, one additional option would be to leverage PAC files on the host to send traffic to the endpoint using the following logic

if (shExpMatch(host, ""))
    return "PROXY"

Applying this change will trigger an explicit request from the browser to WSS, and the agent always forwards any requests destined for this endpoint into WSS even if that host is bypassed.

The following sites are always bypassed from WSS when using the WSS agent, and any bypass or firewall rules should handle all these domains:

  • Windows:
    • ""
    • ""
    • ""
  • MacOS: ""

Additional Information

The bypassed sites are used for captive portal detection e.g. we try and detect whether we need to login to a portal (hotel wifi) before establishing WSS agent connection, and these sites are needed as part of this process.