Hi Team,
Bank sites were not loading from home with Zapp (ZIA) is turned ON, it throws connection timed out error but the same sites load if the Zapp (ZIA) is turned OFF and also if we move the user to different ISP then bank sites open even with Zapp (ZIA) turned ON.
I am not sure if we can say it is an ISP issue because if we turn off Zapp (ZIA), website loads without any issues and also I can see no SSL inspection happening on the sites from zscaler end.
Several possibilities to investigate. Your ZIA logs may give you the answers you need. It could be a configuration causing this.
Also possibly, depending on where you are in the world, the bank may only allow connectivity from IP addresses in their home country, in which case you should verify what zscaler datacenter you are hitting. There are configuration options to choose the closest in-country datacenter first, vs the geographically closest (assuming you’re a road warrior).
Hi Mike,
Thanks for the response
Yes, User is a road warrior and located at New York and connected to New York III Data Center. Bank websites are opening from user’s colleague system who are also located in New York with ZIA ON.
I have gone through ZIA logs and all I see allowed logs. Wireshark capture shows keep-alive packets and all of a sudden FIN packets were transmitted and connection gets closed
Copyright 2008-2020 Zscaler™, Inc.Zscaler™, SHIFT™, Direct-to-Cloud™, ZPA™, and The Cloud-First Architect™ are trademarks or registered trademarks of Zscaler, Inc.in the United States and/or other countries. All other trademarks are the property of their respective owners.