I don’t have iManage. But as a rough guess. What’s causing strange problems is when the app is initially called by a DNS name and returns an IP that is not on any ZPA List. The IP “Blocks” then won’t show up in ZCC Logs depending on the logs you sent. This is hard to find for support.
We still have it in discovery mode and it’s not working. We added the IP subnets to the app segment as well as the DNS wildcard. That fixed an auth issue with Citrix Storefront but hasn’t resolved iManage issues
We had issues with iManage not working if we didn’t use the FQDN for the server address. Even with shortname access enabled, we still had lots of iManage connection issues. As soon as we changed everyone’s server to the FQDN, issues resolved.
It turns out that the server-side of the app (WorkSite) was trying to poll the client devices. This was only obvious when we did a complete co-ordinated end-to-end Wireshark trace from a client device and the server.
The app vendor implemented their “Work Anywhere” protocol which used a standard load balancer (instead of the apps own clustering DNS round-robin solution) and everything started working! This protocol has been an option in the app for over 8 years and is the standard method in new environments but our customer was completely unaware of it.