Send Signal to Reconnect WSS Agent
search cancel

Send Signal to Reconnect WSS Agent

book

Article ID: 226831

calendar_today

Updated On:

Products

Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

A programmatic method to restart WSS Agent (WSSA) connections on clients.

How do I configure a "programmatic reconnect" in my VPN client (to force a reconnect of the WSS Agent)?

As described in About the WSS Agent UI, end users can open the Agent Interface and attempt to Reconnect the WSS Agent. 

Environment

  • Web Security Service
  • WSS Agent
  • Third-party VPN provider

Cause

Rare occurrences might prevent the WSS Agent from automatically detecting a network change. If there is a predictable case where network changes are not detected such as:

  • PAC URL fails to load.
  • Third-party VPN client does not push route changes to the OS. 
  • The reconnect button in the WSS Agent UI has been disabled by using the allowUserDisable option.

The third-party VPN can be configured to send a signal to trigger a WSS Agent reconnection.

Resolution

If the third-party VPN client does not push route changes to the Operating System (OS) automatically when connecting/disconnecting via the Operating System's APIs.

Another option is to use the third-party's VPN onConnect and onDisconnect scripts. Make sure to consult the vendor's documentation to see if it is supported.

Windows

As Administrator, use the Windows wssad application to send the signal.

sc control wssad 161

macOS

The command for macOS clients depends on the version.

Kext Version of  WSS Agent (Catalina and previous):
sudo killall -SIGUSR1 wssad
The network extension version of WSS Agent (Big Sur+):
sudo killall -SIGUSR1 com.symantec.wssa.wssax
Note: For macOS clients, only WSS Agent 6.1.1+ supports the remote trigger process.
 
Powered by Wolken Software