SAC Segment Application randomly failing when accessed via WSS
search cancel

SAC Segment Application randomly failing when accessed via WSS

book

Article ID: 245488

calendar_today

Updated On:

Products

Secure Access Cloud Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

SAC integrated with WSS and users accessing internal applications via WSS Agent.

Although the Applications are accessible most of the time, users occasionally report connectivity errors accessing one SNMP applications that previously worked as shown below:

Other Applications work fine when the SNMP Application fails.

Reconnecting the WSS Agent always addresses the issue.

WSS Agent PCAPs show UDP requests go out but that agent never gets a response as shown below:

Environment

WSS Agent on Windows.

SAC segment based applications enabled.

Cause

IP Conflict (192.168.1.10) between destination host being accessed behind SAC connector and internal WSS IP addresses.

Resolution

Updated WSS routing table to handle IP address conflicts between SAC destination host and WSS subnets.

Additional Information

PCAPs on WSS side showed SAC response but incorrect routing caused it to be sent out invalid next hop.

Attachments

Powered by Wolken Software