Cannot bypass WSS for all traffic when integrated with SAC
search cancel

Cannot bypass WSS for all traffic when integrated with SAC


Article ID: 250657


Updated On:


Symantec ZTNA


Customer testing SAC integration with WSS.

For initial testing, users will only send SAC segment traffic into WSS, and nothing else.

After installing the WSS Agent, users confirmed they can access their SAC segmented traffic behind WSS but all other Web traffic is also going into WSS.

They can add WSS bypasses for certain domains/IP addresses/Applications but cannot do anything that appears to be global.


SAC with segment based Applications.

WSS Agent.


Working a designed but workaround possible that had undergone very little testing.


Added the following two bypasses to the IP bypass list:


After doing this, all non SAC traffic was bypassed from WSS as expected.

Additional Information

After removing these two IP bypasses from the WSS bypass list, I found that none of my traffic would go back into WSS until I re-installed the agent (customer has not done this yet as they are happy with current solution).

Keeping this KB article internal for now.