Unable to access a site via WSS Firewall/VPN Location
search cancel

Unable to access a site via WSS Firewall/VPN Location

book

Article ID: 243397

calendar_today

Updated On:

Products

Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

The user is unable to access a site via the Web Security Server (WSS) IPSec tunnel when in the corporate network.

The same user uses WSS Agent (Active Mode) and is able to access the site in question.

Environment

Web Security Service 

Access Method: Firewall/VPN IPSec

 3rd-party Firewall/VPN Device

Cause

The device creating the IPSec tunnel to WSS has an access control list (ACL) which is blocking access to the specific domain/IP, therefore, the traffic never makes it to the WSS tunnel.

Resolution

To resolve this issue, remove the IP/domain in question from your firewall's IP blocklist.

To confirm that the IP/domain is not reaching the Web Security Service. You can run a report a forensic report and edit the report to add additional options.

If the report shows "No Data". It confirms that the Web Security service is not getting traffic for the domain in question. 

Report data will be available within 5 to 15 minutes after reproducing the issue.

 

  1. Go to Report Center > New Report > New Forensic Report.



  2. Edit the report to add additional options using the Gear icon > Report.




  3. Click on Add Criteria > Location > Select your IPSec Location



  4. Click on Run Report

 

Attachments

Powered by Wolken Software