ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Send Signal to Reconnect WSS Agent

book

Article ID: 226831

calendar_today

Updated On:

Products

Web Security Service - WSS

Issue/Introduction

A programmatic method to restart WSS Agent connections on clients.

As described in About the WSS Agent UI, end users can open the Agent Interface and attempt to Reconnect the WSS Agent. 

Cause

Rare occurrences might prevent the WSS Agent from automatically detecting a network change. If there is a predictable case where network changes are not detected such as:

  • PAC URL fails to load.
  • Third-party VPN client does not push route changes to the OS. 
  • The reconnect button in the WSS Agent UI has been disabled by using the allowUserDisable option.

The third-party VPN can be configured to send a signal to trigger a WSS Agent reconnection.

Environment

  • Web Security Service
  • WSS Agent
  • Third-party VPN provider

Resolution

If the third-party VPN client does not push route changes to the Operating System (OS) automatically when connecting/disconnecting via the Operating System's APIs.

Another option is to use the third-party's VPN onConnect and onDisconnect scripts. Make sure to consult the vendor's documentation to see if it is supported.

Windows

As Administrator, use the Windows wssad application to send the signal.

sc control wssad 161

macOS

The command for macOS clients depends on the version.

Kext Version of  WSS Agent (Catalina and previous):
sudo killall -SIGUSR1 wssad
The network extension version of WSS Agent (Big Sur+):
sudo killall -SIGUSR1 com.symantec.wssa.wssax
Note: For macOS clients, only WSS Agent 6.1.1+ supports the remote trigger process.
 

Additional Information

Refer to the online documentation for this feature found here: Send Signal to Reconnect WSS Agent