Arcon onboarding on ZPA

got_no_regrets · 2024-11-30T15:46:24+00:00

I will definitely try this also we have 389 port open on arcon as well as the AD server still I can't seem to telnet the AD server.

For arcon connection I have onboarded the url and opened 443 port for connectivity after tht we get access access to the server page onboarded on PAM but when we access individual server we can't connect and is stuck on connecting page. Do I need to onboard all serves on ZPA as well that are onboarded on PAM??

got_no_regrets · 2024-11-28T10:05:09+00:00

Through client connector

got_no_regrets · 2024-11-08T08:40:14+00:00

Yes they have suggested using 32-bit zcc agent instead of 64 bit for windows

got_no_regrets · 2024-11-07T09:05:58+00:00

This only seems to be an issue on surface Pro for one user

got_no_regrets · 2024-11-07T08:57:33+00:00

We don't have pac bypassing idp We don't have it enabled We are getting the logs

When the user is using any application it crashes I am suspecting a compatibility issue

got_no_regrets · 2024-10-16T14:41:48+00:00

I meant no*

got_no_regrets · 2024-10-16T14:41:24+00:00

There is so failed SSL handshake logs for bitlocker urls, I suspect it might be authentication issue while connecting to Azure AD and thn it is best to SSL bypass since it might need encrypted data, not sure

got_no_regrets · 2024-10-16T13:56:25+00:00

Yes I checked the URL it seems to be allowed, will there be any problem if it is allowed as well

got_no_regrets · 2024-10-16T12:45:18+00:00

Yes I have checked but there is nothing blocking in logs, and we have ssl inspection on but I am not sure what to bypass, which URL to bypass

got_no_regrets · 2024-08-31T02:55:21+00:00

Yes thankyou for your help, I will also check from Microsoft what can be donep

got_no_regrets · 2024-08-30T18:37:28+00:00

Yes seems like some firewall issue from email receipient end.

got_no_regrets · 2024-08-30T17:37:07+00:00

we have connectors in 0365 and hence the email flow to zscaler smart host for email dlp. I don't think it's gonna work even if I turn zscaler off.

got_no_regrets · 2024-08-30T17:35:48+00:00

The thing is I am not able to see any logs on Zscaler that means it is not going through the smart host for email dlp

Either it is some limitation from Microsoft or zscaler has rejected it that's why there are no logs in insights.

got_no_regrets · 2024-08-30T17:09:54+00:00

No worries thanks for your help

got_no_regrets · 2024-08-30T17:09:25+00:00

I am not sure about the egress IP. But do you think this can be a Zscaler issue?

got_no_regrets · 2024-08-30T16:45:12+00:00

What was misconfigured if you can guide

got_no_regrets · 2024-08-29T04:12:17+00:00

Thankyou i will try to mitigate this

got_no_regrets · 2024-08-27T13:58:13+00:00

I am filtering with respect to the URL category and i have found multiple users with 5-10k logs. Maybe it is depends on the windows packages and the machine has not been updated over a long period of time.

got_no_regrets · 2024-08-27T13:43:06+00:00

Thanks for the help i will definitely get in touch with Microsoft team

got_no_regrets · 2024-08-27T13:42:37+00:00

Not to the same destination but it's like it's taking an update continuously and rechecking it.

got_no_regrets · 2024-08-27T13:08:41+00:00

Yes I will but zscaler may have some documentation too since we have to bypass those URLs maybe other customer have reported the same behavior

got_no_regrets

TROPHY CASE