search cancel

Unable to access a site via WSS Firewall/VPN Location

book

Article ID: 243397

calendar_today

Updated On:

Products

Web Security Service - WSS

Issue/Introduction

The user is unable to access a site via the Web Security Server (WSS) IPSec tunnel when in the corporate network.

The same user uses WSS Agent (Active Mode) and is able to access the site in question.

Cause

The device creating the IPSec tunnel to WSS has an access control list (ACL) which is blocking access to the specific domain/IP, therefore, the traffic never makes it to the WSS tunnel.

Environment

Web Security Service 

Access Method: Firewall/VPN IPSec

 3rd-party Firewall/VPN Device

Resolution

To resolve this issue, remove the IP/domain in question from your firewall's IP blocklist.

To confirm that the IP/domain is not reaching the Web Security Service. You can run a report a forensic report and edit the report to add additional options.

If the report shows "No Data". It confirms that the Web Security service is not getting traffic for the domain in question. 

Report data will be available within 5 to 15 minutes after reproducing the issue.

 

  1. Go to Report Center > New Report > New Forensic Report.



  2. Edit the report to add additional options using the Gear icon > Report.




  3. Click on Add Criteria > Location > Select your IPSec Location



  4. Click on Run Report

 

Attachments