Windows 10 SAC Proxy Issues RRS feed

  • Question

  • Hi, we have been having a lot of different issues with our Windows 10 SAC machines (Version 1809 or 1803 at least) that i think are related to proxy auto config or pac (web hosted pac file by the way). The issue doesn't happen on LTSB 2016.

    The issue is that when our 1809 or 1803 (maybe some older versions too but not sure) laptops are connected to our VPN, all sorts of strange things happen. The start menu starts being unresponsive, IE locks up with a white screen (no activity or toolbar icons), single-sign-on to our home page (cloud based) doesn't work and prompts for credentials as if we were off network, The Wifi icon in the system tray has a yellow bang that indicates no internet access. 

    I am able to solve all of these issues by simply stopping our forcepoint (aka websense) agent on the laptop. if i do that everything starts working again. I know this is not a forum for forcepoint but nobody has been any help on this so i am a little desperate for any help at all. 

    The issue doesn't happen all the time. but i can usually reproduce it after unplugging the network cable and switching to wifi, then connecting to our VPN. 

    Again, this doesn't happen on LTSB 2016 (which is version 1609). so my thinking is that maybe there was a pac file schema change in newer versions of windows 10 and our existing pac file is maybe not compatible.

    Any help at all is appreciated. 

    Monday, January 7, 2019 3:25 PM

All replies

  • Hey Jaybird,

         Did you get this resolved? We are having the same exact issue. EXACTLY the same. I've spent the last week trying to figure this thing out and Forecpoint / Websense support hasn't been very helpful. For us, it seems to be on reboot, and after a few minutes it gets a connection to the cloud and then is fine.

         It'd be awesome if we could compare notes.


    Thursday, February 14, 2019 8:54 PM
  • Yes! Finally! We went back to the triton 8.3 version and it solved all of our issues. 8.5 and newer causes the issues. Opened a ticket with the vendor and sent them log files from an affected machine and have not heard back from them yet. It’s been like a month. By the way, if you would like to discuss then I can send you my email address somehow. Not sure how to do that privately though.
    Friday, February 15, 2019 12:17 AM
  • Hey Jaybird,

       I would love to discuss. I have been on this issue for the past week non stop trying to find the cause. I have a comprehensive list of everything we've tried. I'm curious how rolling back the Triton manager fixed hybrid clients. Did you also roll the clients back to an earlier version of the endpoint?

       Can you try ogtbackin92 (at) geemail dot com? That might work.


    Thursday, February 21, 2019 6:11 PM
  • Hey Jaybird... I just made some progress after reading your rollback solution. I didn't go back far enough in my testing. 

    I have determined that any FP Endpoint versions of 8.5.x are incompatible. Why, I do not know, but we can discuss our environments to find the common element. It's probably something in one of the latest Win10 builds, or something else with the network environment, firewall, IPS, etc. 

    For anyone else reading this... roll back your endpoint clients to 8.4.2652 or 8.3.X and you should have happy users again. Going to update my FP case notes and wait for a newer version. 


    Thursday, February 21, 2019 6:53 PM
  • Thank you, Dave.

    Similar issue solved. We had events in System log:

    Log Name:      System

    Source:        AFD

    Date:          4/12/2019 1:53:23 PM

    Event ID:      16002

    Task Category: None

    Level:         Warning

    Keywords:      Classic

    User:          N/A



    Closing a TCP socket with local port number 62628 in process 5308 is taking longer than expected. The local port number may not be available until the close operation is completed. This happens typically due to misbehaving network drivers. Ensure latest updates are installed for Windows and any third-party networking software including NIC drivers, firewalls, or other security products. 

    Wednesday, April 17, 2019 3:22 PM
  • How did you solve the problem? NIC driver update? What model of PC are you seeing the issue on?
    Wednesday, April 17, 2019 6:52 PM
  • Exactly as Dave specified. We downgraded Forcepoint (WebSense) endpoint from 8.5 to 8.4 version. 
    NIC Driver update/downgrades didn't help (tried from Realtek, from MS, from HP)
    HP ProDesk 400 G2 MT, Realtek PCIe GBE Family Controller

    Thursday, April 18, 2019 7:41 AM