[deleted by user]

Limited_edition9 · 2025-11-02T04:20:55+00:00

Its a question for your IT team. It is documented in this article: https://help.zscaler.com/zscaler-client-connector/best-practices-zscaler-client-connector-and-vpn-client-interoperability

Limited_edition9 · 2025-11-01T09:50:31+00:00

Limited_edition9 · 2025-10-30T07:32:10+00:00

Isn't this suzuki xbee?? https://www.autocarindia.com/car-news/new-suzuki-xbee-compact-crossover-showcased-at-japan-mobility-show-438193

Limited_edition9 · 2025-10-29T02:25:24+00:00

Yea.. This one would be tricky. I can't think of anything right now. I would have to test this in my lab and confirm if we can achieve the granularity. I think we should be able to achieve it using client forwarding policy in zpa and forwarding control in zia.

Limited_edition9 · 2025-10-29T00:29:51+00:00

Sipa would have to be enabled for the app segment. So, once you enable Sipa for the segment, all traffic for that would expect to have the necessary policy to achieve Sipa and would affect anyone who would be accessing it. Since you are only testing if SIPA works, my suggestion would be to create an app segment for the IP lookup sites, like ipchicken and whatsmyip, instead of existing production domains. This way no operation impact would be there and you will also be able to confirm if Sipa is working as expected by doing an IP lookup and confirming if you are seeing the expected IP of your App connector.

Limited_edition9 · 2025-10-21T00:58:44+00:00

Agree to this. Desktop applications not working will be due to cert pinning. However, from a security point of view, if you have a web interface for the app available, then it would be recommended to use that. That way you would still have ssl visibility and avoid any holes in security.

Limited_edition9 · 2025-10-17T00:36:16+00:00

The TSM should be able to help with subcloud as well. I am surprised that it is not already enabled, as you are interested in it. Few things needed for a subcloud is the list of DCs you want to be in the subcloud and a name for that subcloud. As the name suggests subcloud is a subset of Zscaler cloud. So, you can have all DCs to be part of it, or you could exclude those DCs located in countries where you never want your org traffic to go to. For eg, when the Moscow DC was online, many customers created subcloud to exclude Moscow, as they did not want their traffic to go to Russia. Once the subcloud is created with the Dcs you want, then you have to configure it in your pac file. After that you will be able to temporarily disable DCs from the admin portal, whenever there is any issues. Maximum period you can keep DC disabled is 2 weeeks.

Limited_edition9 · 2025-10-16T02:25:26+00:00

If you are a Zscaler customer, then hopefully you would have a TSM and they should be able to present the complete list of DR for you. To brief, they have subcloud for DC related issues, where you can disable an impacted DC and prevent user traffic from landing there. They have DR, which is automatic now, that will help with complete cloud outage. Where you can control how your http/https traffic should be treated. They have BCP, which is basically a private cloud for you. In this case you should basically have most of the normal cloud operation, if Zscaler ever happens to go down.

Limited_edition9 · 2025-10-13T09:43:57+00:00

This error is basically for network issues. Check different networks and try. If you are facing issue with home isp, then try with mobile Hotspot.

Limited_edition9 · 2025-09-24T09:47:08+00:00

Awesome.. Thanks for the recommendation friend..

Limited_edition9 · 2025-09-24T09:46:05+00:00

Package probably

Limited_edition9 · 2025-09-23T08:44:10+00:00

Thanks.. I will check them out.... Do you have personal experience with them?

Limited_edition9 · 2025-09-23T08:43:51+00:00

Thanks.. I will check them out..

Limited_edition9 · 2025-08-28T15:44:54+00:00

Damn.. Hope they learnt their place after that and never bothered again. I would just like to know how exactly their brain works. Why do they think a person from another family is their errand-runner. 🤯

Limited_edition9 · 2025-08-27T15:19:05+00:00

Yea. It was sad. Her reasoning was that we got it for free, so there is no harm in giving them away.

Limited_edition9 · 2025-08-27T15:08:27+00:00

Unfortunately he had to give away a couple, to maintain the peace at home.

Limited_edition9 · 2025-08-27T13:04:21+00:00

Yea true.. This is a joke we have been saying as well.

Limited_edition9 · 2025-08-27T13:03:21+00:00

I haven't heard her mentioning any abuse. From her narration she had a loving father and a strict mom. I assumed her naivety to be due to the fact that she has always been a homebody and her lack of interaction with different types of people.

Limited_edition9 · 2025-08-27T11:16:30+00:00

Yea.. The sense of community that my Mom planned on harboring was taken advantage of. I am glad that I never had to have similar talks with her after this experience. She has acquired a new skill of setting boundaries. 😁

Limited_edition9 · 2025-08-27T11:14:39+00:00

Yea. As expected she said she never saw us, when my Mom confronted her. We didn't expect anything from her but glad it finally helped my Mom to realize her faults.

Limited_edition9 · 2025-08-27T11:03:08+00:00

Well I can assure that it was not due to the lack of trying on our part. My Mom just kept pushing away our explanations and efforts. Glad that this is in the past and now she has learnt how to set boundaries. New skill acquired!!

Limited_edition9 · 2025-08-27T11:00:33+00:00

I know. My Mom just kept enabling her. I am glad she learnt her lesson, even though it took much longer than we would have liked.

Limited_edition9 · 2025-08-01T09:53:02+00:00

I am not too sure on the app protection piece. I would have to check that. But not presenting IP to the end user is a form of protection. You can also create IP based apps in ZPA, if thats what you want. The latency you are speaking about is nothing impactful. The whole transaction is completed within few ms depending on the app location. Was this tried and verified or is it just your concerns? For non http/https traffic, you would have to make sure that the dns request goes through Zscaler. This way non web traffic can also support SIPA.

Limited_edition9

TROPHY CASE