As an example, the following scenario will be considered: company from Turkey expects that the WSS Agents will be connecting from GTRAN (Ankara, Turkey) localization zone.

The observation is the following:

• WSS Agent diagnostic logs always show that the connection was established to GTRAN
  
  
  
• https://pod.threatpulse.com always shows connections to DPx-GCHZU (which is Zurich, Switzerland).
  
  
  
• Additionally, in the Cloud SWG reporting customer notices that "Virtual Pop Country" (additional column in the Report Center > Proxy Log) sometimes shows "Switzerland" and sometimes "Turkey".
  

WSS Agent

To ensure where the WSS Agent is connecting to, go to https://pod.threatpulse.com and click on "more". This two fields will show the exact connection of the agents:

• WSS Egress IP:
• WSS Egress Country:

If the connection is detected from the Turkish IP, then "WSS Egress Country" will show "TR" country code. And then, the WSS Egress IP will show the address from the GTRAN Egress IP range which is 199.247.32.64/27:

If the connection is detected outside the Turkish IP, then "WSS Egress Country" will show different country code ("US" in this example). And then, the "WSS Egress IP" will display an address from GCHZU IP range (148.64.11.0/24 or 35.216.128.144/28):

see How WSS Agent Connects to Cloud SWG (Web Security Service) for more details on how CTC works

see Cloud SWG (formerly WSS) Ingress and Egress IP addresses for the list of the available POPs