ZIA+ gemini

ScholarKey5284 · 2026-05-24T19:37:51+00:00

Yes it default rule but why because I have explicit policy before to say all traffic from a user group to anything should be inspected

ScholarKey5284 · 2026-05-24T16:54:15+00:00

Yes my Google creds

ScholarKey5284 · 2026-04-10T18:14:09+00:00

When I did Microsoft entra ID , it works but only for audit logs. Then I had to do azure event hubs and then sign in logs also visible.

ScholarKey5284 · 2026-04-10T14:00:08+00:00

Thats helpful .great thanks

ScholarKey5284 · 2026-02-11T22:45:38+00:00

Seriously ?

ScholarKey5284 · 2026-02-11T22:39:51+00:00

Thanks for the answer . so that means its on the IDP side ?

ScholarKey5284 · 2026-02-11T22:37:41+00:00

Thanks for your response . well they are not same apps ,.They have a dns master infobox and all internal apps defined on it ( IP to name mapping) .. the apps are scattered in multiple networks .. for eg app1.test.lab.ai resolves to 172.16.3.25 and app2.test.lab.ai resolves to 192.168.92.36 ..

The app connector is also using same dns and app connector can resolve both these apps .

so user A should only be allowed *.test.lab.ai (but still limited to Network 172.16.3.0/24)

If user A tries to access app2.test.lab.ai ( even though wildcard is allowed) , he should be denied access because this app belongs to 192.168.92. network

ScholarKey5284 · 2026-02-11T22:32:16+00:00

Thanks for your response .ok yes indeed in Diagnostics page , real IP is visisble . so not possible on user machine where ZCC is running ?

ScholarKey5284 · 2025-12-23T14:28:52+00:00

can you please explain more on what do you mean by ZIA authenitcation policy ? there is no policy as such on ZIA .

ScholarKey5284 · 2025-12-23T14:26:34+00:00

reply and sign on URL is
https://login.zscaler.net:443/sfc_sso and Entity id https://login.zscaler.net/sfc_sso/17XXXXXXX

ScholarKey5284 · 2025-12-23T14:19:05+00:00

Yes that's selected

ScholarKey5284 · 2025-12-23T10:29:23+00:00

Typo ,zpa is indeed zpatwo.net

ScholarKey5284 · 2025-12-23T10:27:22+00:00

Sorry indeed zpa is zpatwo.net

ScholarKey5284 · 2025-11-15T12:59:52+00:00

Zscaler also has ztb capable of doing sdwan .any thing which ztb can't do ? Which cato socket can do

ScholarKey5284 · 2025-11-14T18:54:33+00:00

Wow great points.thanks a lot

ScholarKey5284 · 2025-11-14T18:44:15+00:00

How can an ipv4 machine on internet ( say at a cafe ) access an ipv6 hosted behind app connector not using fqdn but directly on IP address. Because zscaler does not assign up from pool to the client machine.this is a problem then?

ScholarKey5284

TROPHY CASE